The cr.yp.to microblog: 2011.12.09 14:44:01

2011.12.09 14:44:01 (145136621497499648) from Daniel J. Bernstein, replying to "Matthew Green (@matthew_d_green)" (145132616977358848):

@matthew_d_green Are you saying that when you review crypto software using AES you _don't_ find security problems? Serpent bad, AES good?

Context

2011.12.09 11:28:49 (145087498001985536) from Daniel J. Bernstein, replying to "Matthew Green (@matthew_d_green)" (143698447189553152):

@matthew_d_green Seriously? Whenever you see non-standard crypto, you confidently say it's bad? You claim that Serpent is bad, for example?

2011.12.09 11:43:04 (145091081296551937) from "JP Aumasson (@veorq)":

@hashbreaker @matthew_d_green guess we all agree that Pr( bad | non-standard) >= Pr( bad | standard ) /cc @cryptopathe

2011.12.09 14:16:54 (145129796433743872) from Daniel J. Bernstein, replying to "JP Aumasson (@veorq)" (145091081296551937):

@aumasson There's very little evidence for this Pr inequality. Anyway, @matthew_d_green seems to be claiming something much more extreme.

2011.12.09 14:28:06 (145132616977358848) from "Matthew Green (@matthew_d_green)":

@hashbreaker @aumasson ... then chances are I'm going to find a bug. That doesn't mean every non-standard algorithm is insecure.