[cryptography] State of the art in block ciphers?
iang at iang.org
Tue Dec 3 08:04:56 EST 2013
On 3/12/13 13:13 PM, Joachim Strömbergson wrote:
> So, the state of the art 2013 for block ciphers are the other AES
> finalists and some older national ciphers such as Camellia, SEED? Is
> that really the case?
Things in the cryptographic world have moved on. In the 1990s, it was
all about block ciphers. Then we realised, actually the world is a
stream, so we need stream ciphers. Remember, that's what modes do.
But wait, we need authenticated ciphers! Because without the A, the E
isn't that reliable. So HMACs and so forth ... and now we have CAESAR
which is an AE cipher competition.
But, no! We actually need an integrated PK-AE. Like
curve25519poly13005xsalsa20... and similar things that have been
produced in other places (I call them cryptors).
So, out of the hard thinking that has been done in the last decade,
there has been a realisation that what we need is a combined
cryptographic software engineering block. The old block cipher will be
subsumed with that, and we don't actually expect to see another block
cipher become a champion.
We expect a cipher suite to be the champion, and we expect it to do a
whole lot more.
For my money, at least.
More information about the cryptography