Re: Cryptology ePrint Archive: AES seems weak - comments?



Markus Jansson <seemyhomepage@xxxxxxxxxxxxxxxxxxxx> writes:
Any comments, folks, about this one? Seems one more nail to the AES's
coffin (and maybe to a few others too).
http://eprint.iacr.org/2007/248

To be honest he comes over as a bit of a crank.

e.g.
<<<
3. I do not like Bernstein's decision to employ /salsa20/ as
a pseudorandom number generator i.e. to encrypt data
by XORing it with pseudorandom bits forming an artificial
"one time pad." One time pads are not secure if
they are used twice, and Bernstein's approach makes it
too likely that a naive user might do that.


Note that (as far as I can see) Dan does not describe salsa20
(or snuffle2005) as, or liken it to, a "one time pad". So those
quotes certainly don't indicate him quoting Dan. Quite why he
didn't refer to the scheme as a stream cypher (either spelling,
I'm not fussy), I don't know. But his avoidance of the correct
term and his deviation to a rant about OTPs seem worrisome.

Phil
--
"Home taping is killing big business profits. We left this side blank
so you can help." -- Dead Kennedys, written upon the B-side of tapes of
/In God We Trust, Inc./.