[Cryptography] Why Rijndael ?

[ianG]

On 4/11/2015 04:01 am, Darkpassenger wrote:
> now this is the question : are there independent , non-usg funded
> comparative cryptoanalysis anywhere ever done
> over the past decade and a half , to examine the results of NISTs
> seperetly , whether come to same conclusion of
> a different one ?


The AES process was a competition.  The last 5 contenders were all 
heavily trawled over by all the cryptography groups in the last 5 and 
many others.  There was no mention at all by any of them that any of the 
5 were in any way unsuitable - everyone was pretty convinced we'd got 5 
best of class algorithms and any would be a good choice.

In terms of your question - the competition was an independent 
operation.  NIST made the final choice, sure, but the competition 
surfaced that we had 5 good algos.

The winner was chosen on the margin - good in all categories whereas the 
others seemed to have some more darker sides.

I don't recall really at the time, but as an anecdote, my team doing 
Java Cryptix at the time predicted before the end that Rijndael would be 
the winner.  Well, we were a bit involved as coders of the test suite 
and some of the algos, but certainly NIST wasn't listening to us on the 
crypto :)



> has this been tested against others somewhere else other than a .gov
> funded and is such paper or combinations
> of papers could be produced to finally guys here -- with common sense ,
> realize that NIST with selecting
> Rijndael had only intentions that it states in its own paper . and due
> those criteria ,

AES has been subject to a lot of attacks ... it's even lost a few bits 
of strength in dramatic circumstances.  But the NIST process itself has 
not been scrutinised as far as I know.


> Rijndael , was the best
> choice . eventually proving no hidden agenda , no very sneaky crypto job
> that makes our kind of people
> convinced its safe enough but some other powerful player who doesnt have
> good history in our field is doing
> satanic laugh for like 15 years now because in their true view Rijndael
> wasnt truly the best choice , it was
> just selected and promoted and backed by .gov for a hidden agenda . with
> my original question i am trying
> to remain objective and look for various kinds of evidence as much as
> possible before a educated guess or
> conclusion .


SO, it is possible that the Rijndael team were a put-up job.  But we 
still got a best of class algorithm.  We got an algorithm that could in 
that weirdo case still only be hacked by the NSA.  And even then, 
looking at the situation, we'd be likely saying that they need to run 
their supercomputers at overdrive and turn off the lights in Utah for a 
week to crack one SSL session.  Pointless - the real game is hacking 
RSA.  And the real real game is in hacking the code in your browser, or 
the IETF WGs or the OS suppliers or any of 100 easier targets.

If there is one thing that is rock solid strong, it's the encryption 
algorithms.



iang