It seems that they're ditching the NIST crypto suite for the Schneier suite. </joke>
I can understand the skepticism of anything NSA-related, but I'm skeptical that switching is better. These are two algorithms that aren't as thoroughly analyzed.
One of the problems is that AES and Twofish were introduced 14 years ago at this point. AES has been hammered on by everyone since then, whereas interest in Twofish waned after it didn't win. We've seen a little bit about Twofish since, but an order of magnitude more on AES. The scary thing is if modern advances could be used to attack Twofish, but because Twofish hasn't gotten enough attention we don't know yet.
Skein is probably at least as strong as SHA-2, but again, we've hammered on SHA-2 much longer than Skein.
1 comment
[ 2.7 ms ] story [ 7.2 ms ] threadI can understand the skepticism of anything NSA-related, but I'm skeptical that switching is better. These are two algorithms that aren't as thoroughly analyzed.
One of the problems is that AES and Twofish were introduced 14 years ago at this point. AES has been hammered on by everyone since then, whereas interest in Twofish waned after it didn't win. We've seen a little bit about Twofish since, but an order of magnitude more on AES. The scary thing is if modern advances could be used to attack Twofish, but because Twofish hasn't gotten enough attention we don't know yet.
Skein is probably at least as strong as SHA-2, but again, we've hammered on SHA-2 much longer than Skein.