
In September 1979, frustration came to a head at the two-day Air Force Integrated Computer-Aided Manufacturing (ICAM) Industry Days meeting [2]. On the first day, a representative from General Electric (GE) challenged a panel of CAD vendors, which included Computer Vision, Applicon, and Gerber, to work together to enable an exchange mechanism. While this need was intuitive from a user's perspective, this was a very threatening proposition to the CAD vendors, who feared that sharing the structure of their databases publicly would be tantamount to giving away their competitive advantage. It would have been easy to gloss over the challenge; after all, the major vendors all had at least token representation on the ANSI (American National Standards Institute) committee responsible for CAD standards. Instead, the Computer Vision representative responded with a challenge of his own: if Boeing and General Electric (and perhaps others) would contribute the CAD translators they had already developed, the vendors would share their database structures.

What led to this offer was just the right mix of business motivation and intrigue. Large Navy contracts were looming on the horizon, and no vendor wanted to look unresponsive to customer requirements.

In the evening after the panel, several interested parties gathered and asked themselves if a common translator was really possible. The room had the right mix of people and ideas at the right time. This included an Air Force, Navy, and NASA representative, each willing to fund $25,000 for such an effort. A National Bureau of Standards representative, after a call to his boss at home for approval, was willing to champion it as chair and coordinator. The IGES Organization was formed by NBS in the spring of 1980. With the fundamentals to a common translator decided, conversation turned to a name for this new translation project. A minimalist approach was suggested:

[blocks in formation]

Boeing supplied the structure of its Computer Integrated Information Network (CIIN) database. Both GE and Boeing contributed their existing translators. A core team formed, including representatives from NBS (Roger Nagel), Boeing (Walt Braithwaite), and GE (Phil Kennicott). Team members had worked closely with each of the vendors on internal integration projects. This prior experience built the expertise and trust needed to craft a solution in a very short time, and neither vendor felt it gave an unfair advantage to the other.

Soon after the ICAM Industry Days, NBS called an open meeting at the National Academy of Sciences (October 10, 1979). Around 200 people attended to herald the birth of IGES. There was an atmosphere of extraordinary excitement, although not everyone was readily supportive. In addition, although it was hotly debated, the name was accepted eventually with the minor change from "Interim" to "Initial."

After two critical reviews, the IGES team released its first draft in 1980, containing geometry, graphical data, and annotations. The IGES specification was brought to the ANSI Y14.26 committee for standardization. The first version of IGES was adopted as an ANSI standard, Y14.26M-1981 [3].

IGES successfully met a critical need. The IGES publication [1] establishes information structures to be used for the digital representation and communication of product definition data. The specification is concerned with the data required to describe and communicate the essential engineering characteristics of physical objects such as manufactured products. Such products are described in terms of their physical shape, dimensions, and information that further describe or explain the product. The processes that generate or utilize the product definition data typically include design, engineering analysis, production planning, fabrication, material handling, assembly, inspection, marketing, and field service. [4]

The Initial Graphics Exchange Specification is the U.S. national standard for the exchange of data between dissimilar CAD systems. The IGES standard, now in its sixth revision, has been expanded to include most concepts used in major CAD systems. All major and most minor non-PC-based CAD systems support some version of the IGES standard. Some of the over 1000 PC-based CAD systems (including all of the major ones) include some IGES support.

This first edition of IGES [1] served as a landmark to introduce a change in the way manufacturers thought about capturing and sharing their information about product data. As enhancements to the original version continued and IGES became an American National Standard, the IGES Specification was routinely in the top best sellers from the National Technical Information Service (NTIS). Records show that through 1988 NTIS sold 2055 copies of IGES 3.0, and through 1991 sold 1295 copies of IGES 4.0. This U.S. national standard was also renowned internationally; it was adopted nationally by Australia, Japan, and the United Kingdom, to name a few. IGES was the precursor and provided the technical groundwork to the international standardization effort known as STEP (Standard for the Exchange of Product model data). The national and international impact on the development and deployment of product data standards in manufacturing has provided economic benefits to many implementing companies using product data standards for exchanging their data.

Examples of improvement brought about by the use of IGES include [5]:

Electric Boat Corporation, along with the rest of the SEAWOLF (the US Navy's newest attack submarine) Team, pioneered the use of IGES to pass construction data in digital format directly from design to manufacturing.

Honeywell Commercial Flight Systems (Minneapolis Operations), with its use of IGES, reduced engineering change orders from 40-120 (1989) to 0-3 (1991).

Piccione Machine Tool & Gear made a significant CAD/CAM investment, using IGES for a neutral exchange format. Consequently, the process of manipulating their data was reduced from a manual operation of 200 hours to a mostly automatic process which was completed in less than two working days.

Unique Tool & Gauge Inc.'s CAD/CAM department has the responsibility of importing customer CAD files into CAM for manufacturing. Utilizing several software packages, the company found with effective IGES translation they were able to use their IGES prowess as a competitive advantage offering services above and beyond what they were previously able to offer.

Today, IGES is still used as a universal tool, providing a neutral format for many companies to transfer engineering data between CAD/CAM systems. As of late 1999, over 25 vendors offered commercial IGES-supporting tools [6].

In 1987, the three authors of The Initial Graphics Exchange Specification were recognized collectively for their contributions to the development of IGES Version 1.0 by receiving the AIMTECH Joseph Marie Jacquard Memorial Award. The first author, Roger Nagel, was an NBS staff member at the time and is now the Harvey Wagner Professor of Manufacturing Systems Engineering in the Electrical Engineering & Computer Science Department at Lehigh University. He created Lehigh's Robotics Research Institute, established and directed the Manufacturing Systems Engineering Program, and served as Executive Director of Lehigh's Iacocca Institute for Competitiveness Research. While an employee of NIST, Nagel was a key member of the scientific team developing the Factory Hierarchical Control System in the Robotics Group. This work on hierarchical control systems, performed with James Albus, Tony Barbera, and Gordon Vanderbrug, has been the basis of hundreds of computer-based control systems for automation over the last 20 years. Nagel continues to serve as a technical advisor and consultant to NIST's Manufacturing Engineering Laboratory.

The other two authors were from industry. Walt Braithwaite is currently Corporate Vice President for Company Offices Administration at the Boeing Company. He has held numerous positions within Boeing, including Director of Program Management for the 737 and 757 airplane programs and Chief of Engineering Operations for the 747 and 767 programs. As the lead engineer responsible for technical direction in developing an information network to integrate computer-aided design and computer-aided manufacturing, he led development of Boeing's common data format and translators, which were used as a basis for developing the IGES protocol.

Philip Kennicott joined the General Electric Research Laboratory in 1961 where he made contributions in the fields of x-ray crystallography and spark-source mass spectrography. As a consultant to General Electric's Computer Aided Design Center, he was instrumental in making General Electric the largest user of CAD/CAM equipment in the world in the 1970s. This work led to the concept of a neutral database, the basis for the General Electric contribution to IGES. Within the IGES community, Kennicott served as a leader of many technical activities, including Editor of the continually evolving IGES standard. He also led a technical team to develop the Department of Energy Data Exchange Format, the first IGES application protocol. He continued this work at Sandia National Laboratories in 1989 and retired from Sandia in 1997.

Prepared by Sharon J. Kemmerer.

Bibliography

[1] Roger N. Nagel, Walt W. Braithwaite, and Philip R. Kennicott, Initial Graphics Exchange Specification IGES, Version 1.0, NBSIR 80-1978, National Bureau of Standards, Washington, DC (1980).

[2] Brad Smith, Roger Nagel, and Joan Wellington, IGES—Initial Graphics Exchange Specification, in Autofact III: Conference Proceedings, November 9-12, 1981, Detroit, Michigan, Society of Manufacturing Engineers, Dearborn, MI (1981).

[3] Sharon J. Kemmerer (ed.), STEP, the Grand Experience, NIST Special Publication 939, National Institute of Standards and Technology, Gaithersburg, MD (1999).

[4] Initial Graphics Exchange (IGES), (http://www.nist.gov/sc4/national/usa/iges/iges.htm), National Institute of Standards and Technology.

[5] Product Data Exchange Technologies Success Story Booklet, 1997 IPO Winter Meeting.

[6] IGES Workshop/Tools, (http://www.nist.gov/iges/igesTools.html), National Institute of Standards and Technology.

Data Encryption Standard

In 1972, the NBS Institute for Computer Sciences and Technology (ICST) initiated a project in computer security, a subject then in its infancy. One of the first goals of the project was to develop a cryptographic algorithm standard that could be used to protect sensitive and valuable data during transmission and in storage. Prior to this NBS initiative, encryption had been largely the concern of military and intelligence organizations. The encryption algorithms, i.e., the formulas or rules used to encipher information, that were being used by national military organizations were closely held secrets. There was little commercial or academic expertise in encryption. One of the criteria for an acceptable encryption algorithm standard was that the security provided by the algorithm must depend only on the secrecy of the key, since all the technical specifications of the algorithm itself would be made public. NBS was the first to embark on developing a standard encryption algorithm that could satisfy a broad range of commercial and unclassified government requirements in information security.

Ruth M. Davis, then Director of ICST, asked the National Security Agency (NSA) to help evaluate the security of any cryptographic algorithm that would be proposed as a Federal standard. She then initiated the standard's development project by publishing an invitation in the Federal Register (May 15, 1973) to submit candidate encryption algorithms to protect sensitive, unclassified data. NBS received many responses demonstrating interest in the project, but did not receive any algorithms that met the established criteria. NBS issued a second solicitation in the Federal Register (August 17, 1974) and received an algorithm from the IBM Corp., which had developed a family of cryptographic algorithms, primarily for financial applications. After significant review within the government, NBS published the technical specifications of the proposed algorithm in the Federal Register (March 17, 1975), requesting comments on the technical aspects of the proposed standard. NBS received many comments on the security and utility of the proposed standard and held two public workshops during 1976 on its mathematical foundation and its utility in various computer and network architectures. After intense analysis of the recommendations resulting from the workshops, NBS issued the Data Encryption Standard (DES) as Federal Information Processing Standard (FIPS) 46 on November 23, 1977 [1].

Many NBS, NSA, and IBM technical staff members participated in this initiative, which combined expertise from government and industry. In 1973 the Bureau hired Dennis Branstad to lead the new computer security project and to coordinate the DES development process. Miles Smid joined NBS in 1977 to aid in the adoption of the DES in numerous American National Standards. Both worked with their former NSA colleagues to ensure that the standard met its technical criteria and was useful in many commercial and government applications. The major IBM contributors to the design of the DES algorithm and its subsequent adoption as a Federal standard included: Horst Feistel, inventor of a family of encryption algorithms of which DES is a member; Alan Konheim and Don Coppersmith, mathematicians in the IBM research organization; Walter Tuchman, director of the IBM cryptographic competency center and the primary designer of the final DES algorithm; and Carl Meyer and Mike Matyas, who worked with Tuchman in specifying the DES and analyzing its security.

DES did more to galvanize the field of cryptanalysis than anything else. Now there was an algorithm to study.... Today, DES is still the primary algorithm used to protect data in the financial services industry.

After NBS published the DES, the algorithm was adopted as an ANSI standard [2] in 1981 and incorporated in a family of related standards for security in the financial services industry. The DES became the world's most widely used encryption algorithm, particularly to protect financial information. Today, the American financial services industry depends almost entirely on the DES to encrypt financial transactions.

The DES algorithm is a block cipher that uses the same binary key both to encrypt and decrypt data blocks, and thus is called a symmetric key cipher. DES operates on 64-bit "plaintext" data blocks, processing them under the control of a 56-bit key to produce 64 bits of encrypted ciphertext. Similarly, the DES decryption process operates on a 64-bit ciphertext block using the same 56-bit key to produce the original 64-bit plaintext block.

DES uses a sequence of operations, including several substitution and permutation primitives, to encrypt a data block. These primitives are subsequently used to reverse the encryption operation. Horst Feistel defined a variety of substitution and permutation primitives which are iteratively applied to data blocks for a specified number of times [3,4]. Each set of primitive operations is called a "round," and the DES algorithm uses 16 rounds to ensure that the data are adequately scrambled to meet the security goals. The secret key is used to control the operation of the DES algorithm. Each key contains 56 bits of information, selected by each user to make the results of the encryption operations secret to that user. Any of the 2^56 (approximately 7.2 × 10^16) possible keys could be used by the DES, and an attacker trying to "crack" a DES encrypted message by "key exhaustion" (trying every key) must, on average, try half of the total possible keys before succeeding.

The development of the DES was not without controversy. There were two main objections:

1. NSA worked with NBS throughout the DES development, evaluated the proposed DES algorithm, and recommended several changes to IBM. Specifically, IBM made changes to the S-boxes, the nonlinear substitution transformations that are the heart of the algorithm, to improve the security of the DES. During one of the public workshops, Tuchman stated that he had changed the S-boxes to satisfy a security requirement that he had not previously known, and that his group had optimized S-box operations to satisfy a technical constraint of the electronics that they were currently using. Some critics suspected that NSA had deliberately weakened, rather than strengthened, the S-boxes, or perhaps even introduced a "trap door" that would enable the intelligence part of the agency to decrypt messages encrypted by the DES.

2. A commonly accepted definition of a good symmetric key algorithm, such as the DES, is that there exists no attack better than key exhaustion to read an encrypted message. Critics argued that the 56-bit DES key was too short for long-term security, and that expected increases in computer power would soon make a 56-bit key vulnerable to attack by exhaustion [5]. NBS responded that the standard was adequate against any practical attack for the anticipated life of the standard and would be reviewed for adequacy every five years. Moreover, although NBS did not stress this in their public response, NBS and Tuchman knew that the "DES core" could be used three times on the same block of data to extend the effective key length to 112 or 168 bits. The critics were not satisfied, contending that encrypted data would remain sensitive for more than 5 years and that DES would be very hard to change once it became widely used.

In retrospect, the DES has proved to be much better than initially thought by its critics. After a quarter century, the DES has proved remarkably resistant to cryptanalytic attack, including attacks unknown in the open literature in the 1970s. It seems certain that, as Tuchman stated, the S-box changes did strengthen the DES in order to withstand several attacks that were not public in 1977.

However, the critics were correct about the continuing improvement in electronic technology. While the lifetime of the DES standard was originally estimated to be 15 years, it is still a Federal Information Processing standard 23 years later. Due to the improvements in technology, any 56-bit secret-key algorithm such as the DES is now vulnerable to key exhaustion using massive, parallel computations. In 1997, a message encrypted with the DES was "cracked" in about 5 months by key exhaustion using a large network of computers. In 1998, the Electronic Freedom Foundation (EFF) constructed a special purpose electronic device to decrypt messages encrypted by the DES using custom-built semiconductor chips at a cost of about $130,000 [6]. The EFF "DES Cracker" can find the key used by the DES to encrypt a message in an average of about 4.5 days, and using more chips could reduce this time.
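The round structure and the key-exhaustion argument described above, as an added example that is not code from the original article, NBS or IBM: a 16-round Feistel network on 64-bit blocks whose decryption reuses the same round function with the subkeys reversed, an exhaustive search over a tiny key space, and the search-time scaling implied by the 4.5-day figure. The hash-based round function and key schedule are assumptions standing in for the DES S-boxes and schedule, so this is a toy cipher, not DES.

```python
import hashlib

ROUNDS = 16            # DES round count, per the text
MASK32 = 0xFFFFFFFF    # a 64-bit block is split into two 32-bit halves

def subkeys(key, key_bits):
    """Toy key schedule (assumption, not the DES schedule): one subkey per round."""
    raw = key.to_bytes((key_bits + 7) // 8, "big")
    return [int.from_bytes(hashlib.sha256(raw + bytes([r])).digest()[:4], "big")
            for r in range(ROUNDS)]

def round_f(half, subkey):
    """Toy stand-in for the DES substitution/permutation step. It is one-way:
    a Feistel network never has to invert its round function."""
    digest = hashlib.sha256((half ^ subkey).to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def feistel(block, round_keys):
    left, right = block >> 32, block & MASK32
    for k in round_keys:
        left, right = right, left ^ round_f(right, k)
    return (right << 32) | left      # final swap lets the same routine decrypt

def encrypt(block, key, key_bits=56):
    return feistel(block, subkeys(key, key_bits))

def decrypt(block, key, key_bits=56):
    # Same primitives as encryption, subkeys applied in reverse order.
    return feistel(block, subkeys(key, key_bits)[::-1])

def tries_to_find(plain, cipher, key_bits):
    """Key exhaustion: test keys in order until one maps plain to cipher."""
    for tries, guess in enumerate(range(2 ** key_bits), start=1):
        if encrypt(plain, guess, key_bits) == cipher:
            return tries
    raise ValueError("no key found")

def mean_tries(key_bits, plain=0x0123456789ABCDEF):
    """Average search cost over every possible key of a tiny key space."""
    total = sum(tries_to_find(plain, encrypt(plain, k, key_bits), key_bits)
                for k in range(2 ** key_bits))
    return total / 2 ** key_bits

def average_search_days(key_bits, keys_per_second):
    """Expected exhaustion time: half the key space at a fixed trial rate."""
    return 2 ** (key_bits - 1) / keys_per_second / 86400

# Trial rate implied by the page's figure of about 4.5 days on average for 56 bits.
CRACKER_RATE = 2 ** 55 / (4.5 * 86400)

if __name__ == "__main__":
    p, k = 0x0123456789ABCDEF, 0x00A1B2C3D4E5F6   # constructed sample values
    c = encrypt(p, k)
    print(hex(c), decrypt(c, k) == p)
    print("mean tries, 8-bit key:", mean_tries(8), "of", 2 ** 8)
    for bits in (56, 112):
        print(bits, "bits:", average_search_days(bits, CRACKER_RATE), "days")
```

Each added key bit doubles the expected search time, so at the same trial rate a 112-bit key takes 2^56 times as long to exhaust as a 56-bit key.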

The current Data Encryption Standard (FIPS 46-3) [7] recommends an iterative use of the original DES algorithm (as the DES development team envisioned in the 1970s) known as "Triple DES" or "DES-3." DES-3 encrypts each block three times with the DES algorithm, using either two or three different 56-bit keys. This approach yields effective key lengths of 112 or 168 bits. DES-3 is considered a very strong algorithm, and one recent paper [8] suggests that a 112-bit symmetric key algorithm such as DES-3 should be secure until about the year 2050. The original 56-bit DES algorithm is widely used to protect financial transactions today and can easily be modified to be interoperable with DES-3 and a 112-bit key. Some cryptographers regard DES-3 as the most conservative
