
Too Much Crypto [pdf] - tptacek
https://eprint.iacr.org/2019/1492.pdf
======
rendx
Abstract: "We show that many symmetric cryptography primitives would not be
less safe with significantly fewer rounds. To support this claim, we review
the cryptanalysis progress in the last 20 years, examine the reasons behind
the current number of rounds, and analyze the risk of doing fewer rounds.
Advocating a rational and scientific approach to round numbers selection, we
propose revised number of rounds for AES, BLAKE2, ChaCha, and SHA-3, which
offer more consistent security margins across primitives and make them much
faster, without increasing the security risk."

by Jean-Philippe Aumasson

------
loeg
Somehow submitted an hour later with the same URL; much more discussion here:
[https://news.ycombinator.com/item?id=21917505](https://news.ycombinator.com/item?id=21917505)

