What is AES?

 

As of May 26, 2002, the new standard used by the U.S. government for protecting sensitive, but not classified, data is AES (Advanced Encryption Standard). This new standard was the result of a "best of breed" approach in which multiple encryption algorithms (MARS, RC6, Rijndael, Serpent, and Twofish) were submitted and evaluated on the basis of not only raw cryptographic strength, but also speed, maintenance, and administration. As a result of this process, the Rijndael algorithm was selected to be the official algorithm of the new standard.

Rijndael (as implemented in AES) is a symmetric block cipher that uses 128-, 192-, or 256-bit keys and operates on 128-bit blocks. Although all the algorithms submitted to the government were considered strong enough for AES, Rijndael excelled in areas of performance, efficiency, and flexibility. These areas take on additional importance when you understand that the algorithm has to be implemented in hardware/software combinations with less power than traditional desktop computers (such as radios, key/card readers, and other devices).

And what about the IETF's opinion of AES and the AES algorithm? After performing a review of IETF protocols (including SSL [Secure Sockets Layer], S/MIME [Secure/Multipurpose Internet Mail Extensions], SSH [Secure Shell], and Kerberos, among others), they reached the conclusion that most protocols that already use encryption can be easily modified to accommodate it. As a result, by the end of 2003, all IETF protocols will be AES-capable, even though DES/3DES will still be supported a little beyond that date.

 

(Source: "Security Complete," 2nd Edition, Sybex)