Since the specification for AES were not secret, it is expected that AES will also see much use in non-government applications, and outside the US. This was the case for its predecessor DES.
The requirements for the new standard were quite tough. A block size of 128 bits was specified, and key sizes of 128, 192, and 256 bits have to be possible. It was also required to be extremely secure, and speed was considered important. It had to be capable of running in extremely small embedded systems with only a few kiloBytes of ROM and 64 bytes of RAM.
Fifteen different designs were submitted, from several different countries. They were, in alphabetical order: CAST-256[?], CRYPTON[?], DEAL[?], DFC[?], E2[?], FROG[?], HPC[?], LOKI97[?], MAGENTA[?], MARS[?] RC6, Rijndael, SAFER+[?], Serpent[?], and Twofish. Some were found to be less secure than required. Others were deemed uncompetitive in other ways, and a short list of five designs was selected for Round 2 of the selection process: MARS, RC6, Rijndael, Serpent, and Twofish.
On October 2, 2000, NIST announced that Rijndael had been selected as the proposed AES, and underwent the process of being made the official standard. On November 26, 2001, NIST announced that AES was approved as FIPS PUB 197.