Cryptanalysts find AES candidates' shortcut already? :: counterpane First news post For those who don't read Bruce Schneier's crypto-gram every month, there is now some concern over two AES candidates, namely the winner Rijndael and runner up Serpent, although this appears no quick route to breaking them, it is considerably more effective than a brute force attack and is raising concerns over their long term effectiveness. "The work is fascinating. During the AES process, everyone agreed that Rijndael was the risky choice, Serpent was the conservative choice, and Twofish was in the middle. To have Serpent be the first to fall (albeit marginally), and to have Rijndael fall so far so quickly, is something no one predicted. But it's how cryptography works. The community develops a series of algorithms for which there are no known attacks, and then new attack tools come out of the blue and strike a few of them down. We all scramble, and then the cycle repeats. " "We're starting to see the new attack tools that work against some of the AES finalists. It's an open question as to how long the tools will remain theoretical. But many cryptographers who previously felt good about AES are having second thoughts. " crypto-gram (monthly and a good read btw) also story from TheReg
