"Arnold G. Reinhold" wrote:
This is just silly. There's nothing wrong with Rijndael. ... Testing is the most expensive part of any new cipher effort. So I
At 2:14 PM -0700 10/20/2000, Bram Cohen wrote: think there is a practical basis for at least asking if there is a simple way to combine the AES finalists and take advantage of all the testing that each has already undergone. And, IMHO, it is an interesting theoretical question as well. Even if the answer is "yes," I am not advocating that it be used in most common applications, e.g network security, because there are so many greater risks to be dealt with. But it might make sense in some narrow, high value, applications.
...which should then use OTPs, no? The whole point of AES was a combination of efficiency versus security. Otherwise, just use TripleDES. Getting Rijndael in use, out on its own, is the best way to verify whether it works well -- as efficiently and as securely as desired. This is the way to gain confidence, by testing. Trust is earned. Cheers, Ed Gerck