Jim wrote:

"and therefore insecurity"

Does not follow.

I would argue that rather the simpler, the stronger. A simple structure, if it can be broken, would have simple breaks.

So what do you make of this bit from the abstract: "The security of Rijndael depends on a new and untested hardness assumption: it is computationally infeasible to solve equations of this type." How long do you think that's going to keep it "secure", all things considered? Even though the Senate Select Committee on Intelligence in '78 cleared the NSA of any charges of introducing deiberate weakness into DES by modifying the S-boxes, everybody knows they broke it ages ago anyway. Or at least that's the way the hearsay and hot air blows. What makes you think things are going be any different this time around, the NSA theoreticians aren't anymore likely to give up and kick back than they ever were. You can do a lot with plaintext/ciphertext and statistical calculation: it stands to reason that while most people get stuck nattering on about what you can't do computationally, other people are quietly exploring what else can actually be done with available resources. The smartest, cleverest and most creative prevail, no matter which sector pays their paycheck. The effect of intitutional baggage on performance is a seperate issue, but as the cypherpunk movement itself shows, it's dangerous to discount anyone for not being a part of any given work environment. I happen to think fundamental respect for brainpower and ability should go both ways. ~Faustine.