On Fri, 26 Nov 2004 00:42:15 -0800, James Couzens <jcouzens(_at_)6o4(_dot_)ca>
wrote:
This is incorrect. Twofish is nearly as fast as AES, and a much more
secure. The performance hit is a cost of about 5% to software
implementations because 1-bit rotations to the cipher to break up the
byte aligned structure. Further Twofish these rotations result in the
encryption and decryption algorithms differing making implementations
more expensive.
Your wording "appears" is quite troubling. Twofish is a stronger
algorithm, by a long shot. The most troubling part about AES is its
simplistic algebraic structure, and Schneier and Ferguson are most
certainly not the only ones who have voiced their criticism of this.
Cryptographers have no expertise in this area and what scares me most
about this is that its striking resemblance to "Security through
Obscurity"... remember where that gets people?
While I appreciate that you are a paragon of list etiquitte in
presenting your views James, at times your science leaves a little bit
to be desired and you do take us pretty far afield from the gist of
the thread. Be that as it may, I refer you to
http://csrc.nist.gov/CryptoToolkit/aes/round2/comments/20000316-bgladman.pdf
You know, the folks that actually made the evaluation and
decision...oh yeah, Bruce Schneier had input into the document before
it was published. There are also other studies (versus your opinion)
that concur with the results indicated in the referenced paper. The
crypto (class) modules I recently took at CERT also support what NIST
(and others) indicate.
I am more than happy to acknowledge your blinding brilliance if you
present suitable empirical evidence and/or citations to support your
assertions. If you wish to continue the thread then we can take it
someplace more appropriate to crypto discussions.
Happy Thanksgiving to you.
Mike