[Cryptography] Why Rijndael ?
beloumi
beloumi at riseup.net
Tue Nov 3 03:49:37 EST 2015
Am 03.11.2015 um 08:09 schrieb Darkpassenger:
>
>
> On 2015-11-02 13:21, Peter Schwabe wrote:
>
>>
>> Dear dp,
>>
>> The best document I now of is the report by NIST on why they chose
>> Rijndael:
>> http://csrc.nist.gov/archive/aes/round2/r2report.pdf
>>
>> Best regards,
>>
>> Peter
>
> Thank you and the list for responses -- although they all were
> pointing to one
> same source , which is NIST's own report .
>
> for my own reasons , i do not trust NIST's crypto opinion , therefore
> i make my
> question a bit more clear :
>
> are there papers and studies apart from NIST or other usg bodies with
> "comparative"
> approach between the algos i mentioned in my original mail , and the
> study results
> in some kind of rationale that cryptoanalitically Rijndael was a
> better choice ?
> -- a paper that at least appears to be independent and not funded by
> like doe or
> similar players .
>
> regards
> -dp
> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography
There is also a paper from Schneier, Fergusson and others:
https://www.schneier.com/paper-twofish-final.pdf
They claim:
"those that thought security was paramount chose Serpent, while those more
concerned with performance chose Rijndael. Twofish represents a middle
road,
combining the best of both: very conservative security and very good
performance across all platforms."
So it's not so far away from NIST's choice.
But this is from May 2000. Today we are for example more aware about
cache-timing attacks
(but as I can see, non of these Algorithms is cache-timing constant).
Regards
Beloumi
More information about the cryptography
mailing list