There are many other ciphers in use, in addition to AES. We list some here giving a very brief summary of their features.

**DES**: Data Encryption Standard is the predecessor of AES. It has been published in 1975 and derives from Lucifer (IBM). It has been the most used and implemented cipher in the history and it is currently used in many application, especially in the triple version below. DES major problem is the key-length (only 56 bits) that is considered vulnerable with modern parallel computers.**3DES**: is a triple iteration of DES. The aim is to increase the key-length. Due to the meet-in-the-middle attack, the triple key of 168 bits is, in fact, equivalent in strength to a key of 112 bits. Meet-in-the-middle is also the reason why 2DES makes no sense: the 112-bit key could be broken in a 2^{56}time/space complexity brute force attack.

3DES is implemented, for example, in SSH, TLS/SSL and is adopted in many commercial applications. Moreover, bank circuits and credit card issuers use it in smartcard based applications and for PIN protection.**IDEA**: International Data Encryption Algorithm, was proposed in 1990 as a substitute of DES. It is currently adopted in many applications. This cipher is not based on non-linear substitutions (S-Boxes). Instead, confusion and diffusion are obtained by a combination of three operations: xor, sum and multiplication modulo 2^{16}. Patent issues have reduced the popularity of this cipher. Compared to other, IDEA performance is not so high.**Blowfish**and**Twofish**: Blowfish has been proposed in 1993. It is a cipher with peculiar features: It is very fast, compact and simple to implement, with a very highly configurable security: key length is variable up to 448 bits which allows for security/speed trade-off. As DES it is based on xor and S-Boxes which are not fixed but computed using the cipher itself and the actual key. These key-dependent S-Boxes make brute-forcing particularly expensive: for each key it is necessary to generate the S-Boxes which takes 522 iterations of the algorithm.

Twofish is one of the**finalists of AES**and is the “successor” of Blowfish. Both ciphers have been developed by Bruce Schneier.**RC2**,**RC5**,**RC6**: Family of ciphers developed by Ron Rivest (one of the fathers for RSA public-key cipher). RC5 (1994) has the peculiar feature of using data dependent rotations. Moreover, the cipher is extremely simple but requires a complex key-expansion procedure: each round is just two XORs, two sums modulo and two rotations. This cipher is highly configurable on the number of rounds, key-length and word-length, which allows for a sophisticate trade-off between security and performance.

RC6 has been one of the**AES finalists**.