From daw-usenet@taverner.cs.berkeley.edu Mon Jan 19 00:18:06 PST 2004
Article: 264964 of sci.crypt
Path: agate.berkeley.edu!agate!not-for-mail
From: daw@taverner.cs.berkeley.edu (David Wagner)
Newsgroups: sci.crypt
Subject: Re: Better algorithm: Rijndael or TwoFish?
Date: Mon, 19 Jan 2004 08:17:21 +0000 (UTC)
Organization: University of California, Berkeley
Lines: 13
Message-ID: <bug3qh$281q$1@agate.berkeley.edu>
References: <1d54b7e4.0401182256.107ae29f@posting.google.com>
Reply-To: daw-usenet@taverner.cs.berkeley.edu (David Wagner)
NNTP-Posting-Host: taverner.cs.berkeley.edu
X-Trace: agate.berkeley.edu 1074500241 73786 128.32.153.228 (19 Jan 2004 08:17:21 GMT)
X-Complaints-To: usenet@agate.berkeley.edu
NNTP-Posting-Date: Mon, 19 Jan 2004 08:17:21 +0000 (UTC)
X-Newsreader: trn 4.0-test76 (Apr 2, 2001)
Originator: daw@taverner.cs.berkeley.edu (David Wagner)
Xref: agate.berkeley.edu sci.crypt:264964

mike3 wrote:
>Which is better: Rijndael or Twofish in terms of security and speed?
>How good do they compare?

My advice would be to use AES, not Twofish, unless there is some special
requirement that makes AES unsuitable.  There's nothing particularly
wrong with Twofish -- I'm pleased with the design and how it has held
up -- but I think AES is even better, and AES is receiving more scrutiny
than any of the other finalists.  This gives a powerful reason to prefer
AES over Twofish (or any of the other finalists, including Serpent,
for that matter).

Full disclosure: I was a co-designer of Twofish, so I'm probably biased.