Too Much Crypto

We show that many symmetric cryptography primitives would not be less safe with significantly fewer rounds. To support this claim, we review the cryptanalysis progress in the last 20 years, examine the reasons behind the current number of rounds, and analyze the risk of doing fewer rounds. Advocating a rational and scientific approach to round numbers selection, we propose revised number of rounds for AES, BLAKE2, ChaCha, and SHA-3, which offer more consistent security margins across primitives and make them much faster, without increasing the security risk

The Myth of Superiority of American Encryption Products

Encryption software and hardware use sophisticated mathematical algorithms to encipher a message so that only the intended recipient may read it. Fearing that criminals and terrorists will use encryption to evade authorities, the United States now restricts the export of encryption products with key lengths of more than 56 bits. The controls are futile, because strong encryption products are readily available overseas. Foreign-made encryption products are as good as, or better than, U.S.-made products. U.S. cryptographers have no monopoly on the mathematical knowledge and methods used to create strong encryption. Powerful encryption symmetric-key technologies developed in other countries include IDEA and GOST. Researchers in New Zealand have developed very strong public-key encryption systems. As patents on strong algorithms of U.S. origin expire, researchers in other countries will gain additional opportunities to develop strong encryption technology based on those algorithms