Rijndael Cryptanalysis Results

Anonymous Coward writes: "It appears by reading here that the Rijndael encryption algorithm has had more organized cryptanalysis performed against it and might not have fared too terribly well even using up to 9 rounds." Rijndael is one of the candidates for the U.S. Government's next-generation encryption standard.

The obvious has to be said...

Since Round 2's comment period ended (go fig) the only real candidates have been Serpent and Rijndael. We've yet to see an even remotely applicable assault on Serpent as submitted, Serpent's speed has increased by a factor of 2-4 to catch up with everyone else, and in many cases leave them in the dust on raw speed, and now possibly assaults are being found on relatively beefy variants of it's only competitor, Rijndael. Looks like the underdog might get the gold afterall. Here's rootin' for da' snake in da' grass!

Re:The obvious has to be said...

[prizog]

I'm not so sure about that. From what I could see, Rijndael was very weak even before this. 7 or 8 rounds (out of a recomended 10) could be broken. This doesn't leave a very good safety margin.

Twofish seems to be very resistant to all known attacks, and certainly can't be counted out.

Rijndael Cryptanalysis result

[delboy+monkey]

An established attack on a reduced round version of a cypher doesn't mean the cypher is weak. A cypher must be considered in it's entirety else you are cryptanalysing a different cypher. It is accepted practise to attack reduced rounds then build on those attacks, but to imply a cypher is weak because it's six round variant can be broken in only half of eternity is misleading. (the nine round attack requires so much known text and so many related keys, it would be more practicle to mount a brute force attack)