This memo collects references to published cryptanalytic results
which are directly relevant to the security evaluation of CAESAR first
round algorithm STRIBOB and its second round tweaked variant, WHIRLBOB.
During the first year after initial publication of STRIBOB and WHIRLBOB,
no cryptanalytic
breaks or other serious issues have emerged. The main difference in
the security between the two variants is that WHIRLBOB allows easier
creation of constant-time software implementations resistant to cache
timing attacks.
↧