Status of attacks on AES?
Marcos el Ruptor
ruptor at cryptolib.com
Thu May 11 00:50:26 EDT 2006
On Wed, 10 May 2006 10:01:57 -0600, John R. Black wrote
> On Thu, May 04, 2006 at 10:30:40AM -0500, Marcos el Ruptor wrote:
> >
> > http://defectoscopy.com/forum/viewtopic.php?t=3
> >
> > Expect new attacks soon enough.
> >
> I skimmed this. The start of the article says that after 3 rounds
> AES achieves perfect diffusion?!
It doesn't say that. Obviously you didn't read the article. It says that the
current version of our general purpose automated black-box tests can easily
distinguish 4 rounds of the AES from random and it says that *if* the AES
achieved complete diffusion [in the context of automated cryptanalysis] in 3
rounds [as Whirlpool does for example], then maybe 10 rounds could suffice
against most attacks although we would advise 12. But with 5 rounds required
to pass our tests we have serious reasons to believe that the AES will be
broken in the near future and that at least 20 rounds are required for it to
be secure.
Ruptor
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list