[8006] in cryptography@c2.net mail archive
Re: Paranoid Encryption Standard (was Re: Rijndael & Hitachi)
daemon@ATHENA.MIT.EDU (Damien Miller)
Fri Oct 27 11:46:07 2000
Date: Fri, 27 Oct 2000 16:16:56 +1100 (EST)
From: Damien Miller <djm@mindrot.org>
To: "Arnold G. Reinhold" <reinhold@world.std.com>
Cc: John Kelsey <kelsey.j@ix.netcom.com>, Bram Cohen <bram@gawth.com>,
cryptography@c2.net, cypherpunks@cyberpass.net
In-Reply-To: <v0421010eb61ce7318ec3@[24.218.56.92]>
Message-ID: <Pine.LNX.4.21.0010271614180.1075-100000@mothra.mindrot.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Thu, 26 Oct 2000, Arnold G. Reinhold wrote:
> simple way to combine the AES finalists and take advantage of all the
> testing that each has already undergone. And, IMHO, it is an
> interesting theoretical question as well. Even if the answer is
> "yes," I am not advocating that it be used in most common
> applications, e.g network security, because there are so many greater
> risks to be dealt with. But it might make sense in some narrow, high
> value, applications.
What threat model do you propose that would require this?
I can't think of anything that isn't contrived and couldn't be served
by using 3DES.
-d
--
| ``We've all heard that a million monkeys banging on | Damien Miller -
| a million typewriters will eventually reproduce the | <djm@mindrot.org>
| works of Shakespeare. Now, thanks to the Internet, /
| we know this is not true.'' - Robert Wilensky UCB / http://www.mindrot.org
