Login
Login

Talk:Advanced Encryption Standard

{{Talk header|noarchive=yes|search=no}}

{{WikiProject banner shell|class=B|1=

{{WikiProject United States|importance=Mid|USGov=Yes|USGov-importance=Low}}

{{WikiProject Cryptography|importance=Top|computer-science-importance=high}}

{{WikiProject Mathematics|priority=Low}}

{{WikiProject Computing|importance=Mid|security=yes|security-importance=high|network=y|network-importance=low|software=y|software-importance=low}}

{{WikiProject Technology}}

{{WikiProject Electronics|importance=Low}}

{{WikiProject Business|importance=Low}}

}}

{{User:MiszaBot/config

| algo=old(1000d)

| archive=Talk:Advanced Encryption Standard/Archive %(counter)d

| counter=1

| maxarchivesize=75K

| archiveheader={{Automatic archive navigator}}

| minthreadsleft=1

| minthreadstoarchive=1

}}

{{Archives|age=1000|bot=lowercase sigmabot III|large=yes}}

Citation Needed for Optimization of Cipher

Where did the information in this section come from?

129.74.154.239 (talk)

Poorly referenced assertion that ChaCha is better.

In [https://en.wikipedia.org/w/index.php?title=Advanced_Encryption_Standard&type=revision&diff=1007241325&oldid=1006557875 this diff], someone added the following content:

::Where the CPU hardware does not support AES acceleration, ChaCha is an alternative cipher with better performance and without sacrificing security.

AES-128 broken to a complexity of 2^96

[https://github.com/pbug44/misc/tree/main/cg4 join the effort it's open!]

The main programmer who is doing this work, is limited to a 4 core Xeon 1275 with 3 active cores. We need people with fast boxes and a will to look at the code and improve it.

Supported by the following refs:

  • {{cite web |title=So you want to use an alternative cipher… |url=https://blog.cryptographyengineering.com/2012/10/09/so-you-want-to-use-alternative-cipher/ |website=A Few Thoughts on Cryptographic Engineering |language=en |date=9 October 2012}} (Blog, unreliable source)
  • {{cite web |last1=Bernstein |first1=Daniel |title=Why switch from AES to a new stream cipher? |url=https://cr.yp.to/streamciphers/why.html#:~:text=The%20answer%20is%20simple%3A%20Salsa20,speed%2Dsecurity%20profile%20than%20AES. |website=cr.yp.to |access-date=17 February 2021}} (The website of the maker of ChaCha is not going to be neutral w.r.t ChaCha)

This violates WP:UNDUE, especially since the references supporting this assertion are rather dubious. Blogs are not reliable sources, as per WP:BLOGS. The website of the designer of ChaCha is not a neutral nor reliable source, as per WP:NPOV and WP:SPS. Samboy (talk) 21:20, 29 January 2022 (UTC)

Neither of those references supports the claim in any way. —Naddy (talk) 10:24, 9 May 2024 (UTC)

Quantum attacks

The Quantum attacks section states that AES-128 will be insecure (due to Grover’s algorithm). I'm not an expert, but as I understand it there is debate around the topic and this should be reflected in the article. See [https://csrc.nist.gov/Presentations/2024/practical-cost-of-grover-for-aes-key-recovery NCSC presentation] and [https://csrc.nist.gov/pubs/ir/8547/ipd NIST IR.8547 (ipd)], both more recent than the citations in the article. 217.146.114.206 (talk) 09:06, 5 June 2025 (UTC)