<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: IDEA
From: "Ken Seefried" <ken,AT,seefried,DOT,com>
Date: Thu, 3 Apr 2003 20:47:56 +0200
In-reply-to: <200304011125.11214.dwilson@ibl.bm>

Eric M. Hopper writes:
> 
> I, personally, could care less about idea.  I would greatly appreciate
> Rijndael support.  Though, I've heard rumors of a Rijndael attack that
> halves the effective key length, so I'd prefer you implement the 256 bit
> variant of Rijndael.  :-) 
> 

While during the AES competetion there was some interesting work done to 
reduced-round variants of Rijndael (for example, 
http://www.counterpane.com/rijndael.html), I believe that most of the 
"rumoured" attacks against Rijndeal derrive from a paper by Courtois & 
Pieprzyk (on the somewhat overwrought 
http://www.minrank.org/~courtois/myresearch.html). 

This paper seems to have been fairly well debunked within the crypto 
community (see for example http://www.usdsi.com/aes.html, 
https://www.cosic.esat.kuleuven.ac.be/nessie/reports/phase2/Xslbes8_Ness.pdf 
, and postings to sci.crypt).  At best (worst?), it appears that XLS is a 
truely novel and interesting technique for which there is no basis to claim 
that it will result in a practical attack against real cyphers. 

Beyond that, every encryption algorithm has a fringe that claims to be able 
to attack it, but oddly never offers proof... 

I, too, think AES would be a nice addition to CIPE. 

Ken 





<< | Thread Index | >> ]    [ << | Date Index | >> ]