[cryptography] State of the art in block ciphers?

Joachim Strömbergson Joachim at Strombergson.com
Fri Nov 29 05:49:20 EST 2013


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Aloha!

Just realized that AES is more than 10 years, and has been an amazing
success. But at the same time, looking at SSL/TLS, the number of widely
deployd symmetric ciphers is decreasing. RC4 will probably be deprecated
in the near future leaving us with basically AES, 3DES.

Getting a new stream cipher (like Salsa20, ChaCha) into SSL/TLS has been
met with some resistance with arguments that we don't need it since we
have good stream cipher modes like GCM that provides good performance as
well as authentication after encryption. And yes, that is true. But the
cipher agility is reduced. We might end up with only AES as the widely
deployd cipher. I'm not convinced that is a good development.

So, my thinking is that what can we do to as easily as possible
complement (not replace) AES with that can be dropped in into similar
suites such as TLS_DH_RSA_WITH_AES_128_GCM_SHA256 (RFC2588)? A block
cipher that provides at least as good performance and security but is
based on different mechanisms to protect from possible future weaknesses
easily affecting both AES and the other cipher.

Sound good, bad, dumb?

The question is then - what is state of the art in block cipher design?
What would be the candidates to complement AES in SSL/TLS?

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAlKYcTAACgkQZoPr8HT30QHMvgCeKdBzjlb91ndWvMf2tzTcSmNk
VGYAoK8RjzTIpFZhG4oSPXf2qYguBPwg
=aOw0
-----END PGP SIGNATURE-----


More information about the cryptography mailing list