Subject: Re: Rijndael & NTRU
From: Ian Grigg (iang systemics.com)
Date: Wed Oct 04 2000 - 09:51:23 CDT
- Next message: staym accessdata.com: "Re: human failings question"
- Previous message: Rick Smith: "Re: human failings question"
- In reply to: Vin McLellan: "Re: Rijndael & NTRU"
- Next in thread: Alex Alten: "Re: Rijndael & NTRU"
- Next in thread: Bram Cohen: "Re: Rijndael & NTRU"
- Reply: Ian Grigg: "Re: Rijndael & NTRU"
- Reply: Alex Alten: "Re: Rijndael & NTRU"
Vin McLellan :
>
> > As Bram Cohen <bram gawth.com> put it:
> > >
> > > .>... Rijndael and Twofish...
> >
> >Rijndael, Serpent, and Twofish....
Yes, most predictions were coming down as Rijndael and something
else. We've been following it right from the start, and after
the 2nd AES conference, the weighting was leaning in Rijndael's
favour - it lost nothing in any comparison and generally came
out in the top one or two.
All the other algorithms had "grey marks" which lost them ground.
(I did write black marks but that's a bit too strong...)
I can't remember precisely, but Twofish was overly complex, and
difficult to understand. Serpent was unfortunately too conservative,
and tended to lose on performance. I think if the Serpent team had
submitted a tweak with fewer rounds in order to align more closely
with the other algorithms, the result might have been different,
and less of a foregone conclusion. But, it seems as if the Serpent
team was a little trapped by the rules there, and declined to tweak.
> Not to take anything from Rijndael, which is both popular and
> widely respected among many critical professionals,
Yes, this actually helped a lot. There are some wildly successful
cryptographers who are not internally respected, and this tends to
bias the other cryptographers against their work. You can see this
in the amount of analysis that some algorithms have received - if
you haven't built up a lot of respect in the industry, it is hard
to get your algorithm taken seriously, and this shows through in
the writings and comments. Just an outsider's view, not being a
cryptographer, but it is nice to see that the nice guys won this
one, and being nice seemed to help them!
> but I suspect that one
> of the more long-lasting (pseudo-conspiratorial) theories about the
> selection of Rijndael as the AES will be built around the fact that
> Rijndael's design apparently allowed it -- and it alone of the final five
> -- to escape the scope of a current US patent issued to Hitachi (which is
> said to cover the use of data rotation in encryption.)
Yes, this makes a nice conspiracy for cypherpunks, et al, as the
correlation is interesting. But even that august body, slashdot,
pointed out that there is 2000 years of precedence in data rotation
as used in encryption.
> I noticed, Paulo, that you were one of those who were
> (unsuccessfully) nagging NIST for information about their reaction to the
> Hitachi IP claims.
I think NIST is right to ignore this particular piece of stupidity
and concentrate on more important things... Like SHA-2 ...
iang
PS: we're drifting away from context so I've dropped the cryptix
support list.