[cryptography] State of the art in block ciphers?

ianG iang at iang.org
Tue Dec 3 08:04:56 EST 2013

On 3/12/13 13:13 PM, Joachim Strömbergson wrote:

> So, the state of the art 2013 for block ciphers are the other AES
> finalists and some older national ciphers such as Camellia, SEED? Is
> that really the case?

Things in the cryptographic world have moved on.  In the 1990s, it was 
all about block ciphers.  Then we realised, actually the world is a 
stream, so we need stream ciphers.  Remember, that's what modes do.

But wait, we need authenticated ciphers!  Because without the A, the E 
isn't that reliable.  So HMACs and so forth ... and now we have CAESAR 
which is an AE cipher competition.

But, no!  We actually need an integrated PK-AE.  Like 
curve25519poly1305xsalsa20... and similar things that have been 
produced in other places (I call them cryptors).

So, out of the hard thinking that has been done in the last decade, 
there has been a realisation that what we need is a combined 
cryptographic software engineering block.  The old block cipher will be 
subsumed with that, and we don't actually expect to see another block 
cipher become a champion.

We expect a cipher suite to be the champion, and we expect it to do a 
whole lot more.

For my money, at least.


