Strongest Key, Hash, and Cypher Algorithms

Ryan Malayter rmalayter at
Mon Feb 7 22:01:45 CET 2005

[From Atom Smasher]
> i don't like AES... 

None of the papers I've read suggest anything close to an attack that is
better than brute-force on full-round AES. Although, I have seen some in
the crypto field complain Rijndael is just "too simple" to be secure. Of
course, the same was said about RC4 many years ago, and AFAIK there are
still no attacks better than brute force against the RC4 algorithm
itself (protocol issues in WEP don't count).

Just to edjumacate myself, as W. would say, what are your reasons for
disliking AES? I've been using it more and more frequently for VPNs I
set up when there is no hardware crypto assist available, since the CPU
utilization is so much lower than with 3DES.

I just want to make sure I'm not missing something. Did anything "scary"
come out about AES recently?


More information about the Gnupg-users mailing list