The microblog: 2016.04.12 15:45:02

2016.04.12 15:45:02 (719884030796177409) from Daniel J. Bernstein:

Most recent public breaks of NSA's Simon+Speck have jumped to ~70% rounds for all variants. NSA tries to pretend it knew this would happen.

2016.04.12 15:49:48 (719885228920057857) from Daniel J. Bernstein:

A minute later the same NSA designer advocates 48-bit block size and claims incorrectly that CTR mode makes this safe for gigabytes of data.

2016.04.12 16:04:47 (719889001444839424) from Daniel J. Bernstein:

NSA claims that having 70% of Simon+Speck broken is ok. Why? "AES." Um, how about ARX? "ChaCha." But ChaCha has much bigger security margin.