Eric M. Hopper writes:
> I, personally, could care less about idea. I would greatly appreciate
> Rijndael support. Though, I've heard rumors of a Rijndael attack that
> halves the effective key length, so I'd prefer you implement the 256 bit
> variant of Rijndael. :-)
While during the AES competetion there was some interesting work done to
reduced-round variants of Rijndael (for example,
http://www.counterpane.com/rijndael.html), I believe that most of the
"rumoured" attacks against Rijndeal derrive from a paper by Courtois &
Pieprzyk (on the somewhat overwrought
This paper seems to have been fairly well debunked within the crypto
community (see for example http://www.usdsi.com/aes.html,
, and postings to sci.crypt). At best (worst?), it appears that XLS is a
truely novel and interesting technique for which there is no basis to claim
that it will result in a practical attack against real cyphers.
Beyond that, every encryption algorithm has a fringe that claims to be able
to attack it, but oddly never offers proof...
I, too, think AES would be a nice addition to CIPE.