The cr.yp.to microblog: 2013.01.16 11:02:16

2013.01.16 11:02:16 (291485511875428352) from Daniel J. Bernstein, replying to "CodesInChaos (@CodesInChaos)" (291481975506759680):

@CodesInChaos eSTREAM ciphers are more widely used today (scrypt, VMWare View, DNSCrypt, etc.) than AES was after a similar number of years.

Context

2013.01.15 17:55:55 (291227225427177473) from Daniel J. Bernstein, replying to "Matthew Green (@matthew_d_green)" (291209561979883521):

@matthew_d_green AES + an AE mode will give you an authenticated cipher, but teaming up with a cipher designer should give better results!

2013.01.15 18:14:09 (291231812443848704) from "CodesInChaos (@CodesInChaos)":

@hashbreaker @matthew_d_green But comes at a high price. You get a non standard, less analyzed primitive that's implemented in few libs.

2013.01.16 10:17:28 (291474239717011456) from Daniel J. Bernstein, replying to "CodesInChaos (@CodesInChaos)" (291231812443848704):

@CodesInChaos @matthew_d_green Submissions for AES, SHA-3, etc. all started out "non standard", "less analyzed", "implemented in few libs".

2013.01.16 10:48:13 (291481975506759680) from "CodesInChaos (@CodesInChaos)":

@hashbreaker The big difference is that those get the marketing power of "NIST approved". Look at how few users eSTREAM ciphers have.