what doubts? what experts?
The article says 'some experts doubt that it is really as secure as it should be for important applications'.
Which experts?
-- The Anome
Bruce Schneier and Rich Schroeppel are two who come to mind. A few others seem to have vague doubts. I should point out that Rijndael has not actually been broken, and in fact it has been proven mathematically that some of the more popular methods can't break it. The main worry is that the whole thing looks too simple, and has more algebraic structure than is normal for a block cipher. There is a possibility that some new kind of algebraic attack might exist.
If you trawl through the AES website, you can find the public comments, and quite a few there thought Rijndael was too simple. (Note that not all the comments are by experts though :-) When the final choice was announced, Schneier said
"I believe that within the next five years someone will discover an academic attack against Rijndael. I do not believe that anyone will ever discover an attack that will allow someone to read Rijndael traffic. So while I have serious academic reservations about Rijndael, I do not have any engineering reservations about Rijndael."
which is not the most ringing endorsement you could hope for.
I have seen a draft of a paper by Ferguson, Schroeppel and Whiting, pointing out all sorts of interesting algebraic properties of Rijndael, of a kind that make some people nervous, but without actually finding a break. Not sure if they managed to get it published yet, or if so where.
So my statement in the article might be just slightly too strong as it is, but we should probably convey somehow that not all the experts find Rijndael completely convincing.
- When did Bruce Schneier raise doubts about AES? Is there a published paper about this that you can point me to? To my knowledge, Schneier even recommends AES to be used instead of his very own Blowfish in new designs, despite the fact that, to date, there are no known vulnerabilities in Blowfish. --K1 11:14, 21 Jun 2004 (UTC)
- Ferguson and Schneier are cool about the algorithm in Practical Cryptography (2003), if I remember correctly. I'll try and look it up. — Matt 12:55, 21 Jun 2004 (UTC)
- p56: "We have one criticism of AES: we don't quite trust the security"; p57, discussing possible algebraic cryptanalysis: "This is an extremely unfair criticism of AES. We don't have an attack on AES. And every cipher, including AES, could be attacked in the future. Yet the simple algebraic structure of AES opens it up to an entirely different class of attacks."; p58: "In the end, everybody will use AES because it is the U.S. government standard. We even advise people to use it, because it is the standard and using the standard avoids lots of discussions and problems...the aggressive design coupled with the clean algebraic structure just makes us uneasy." — Matt 13:12, 21 Jun 2004 (UTC)
more pronunciation problems
You have to say "Rhine doll" like a North American, or it is just wrong.
merge w/ Rijndael?
Would anyone object to making this article about the AES standard (i.e. a general term description, listing of the finalists, etc.) and keeping all the stuff specifically about Rijndael in the Rijndael encryption algorithm article? --Imran 02:35, 1 Feb 2004 (UTC)
- Hmm...AES is now essentially synonymous with Rijndael; a minor technical difference isn't worth having two pages (Rijndael has a wider range of block sizes specified). My suggestion would be to merge Rijndael and AES, and the discussion of the competition and other finalists can remain in AES competition. — Matt 03:32, 14 Jul 2004 (UTC)
- Matt, Imran's got the right of it here, I think. AES =/= Rijndael quite. There are permitted block length differences if nothing else. That sort of thing probably doesn't belong in AES, aside from a note about the not quite exact identity of the two, but does belong in Rijndael. Reactions? ww 19:42, 14 Jul 2004 (UTC)
- The difference is hairsplitting, really, and since Rijndael has been adopted as the AES, they are used synonymously in practice. I don't think it's sustainable to have two separate articles based on a small technicality when a single sentence in the lead section of AES would suffice. — Matt 20:01, 14 Jul 2004 (UTC)
"GPL license"
"GPL license" makes as much sense as "LCD display". I'll leave it to the native speakers to get rid of this "General Public License license". How about:
- just "GPL"
- "GPL-licensed" (if this is English ;-)
- "GP license" or "GP License" (unfamiliar)
- "General Public License"
80.237.206.93 02:54, 19 Jan 2005 (UTC)
Comparison to other algorithms
This might be out of scope of the article, but how does AES 256 compare to Blowfish and other algorithms in issues such as encryption time, hypothetical security, etc.?
- Regarding encryption time, Rijndael was chosen as AES over a number of other candidates in part because of its good performance over a range of platforms (this should, at some stage, be explained in the AES process article). To be honest, you'd probably want to compare Twofish with AES in this regard, rather than Blowfish. Blowfish has a very complex key schedule, which means that it takes a lot of time to process the key before encryption can take place — Rijndael is faster in this respect.
- No problems with the security of any of AES, Twofish or Blowfish have been established. — Matt Crypto 13:06, 14 Mar 2005 (UTC)