
Let's not forget that the designer of Rijndael (AES) is also the designer of Keccak (SHA-3).

RC4, by the way, was bad even for the time. It would be worth studying how it managed to survive as long as it did, because flaws in RC4 were well known long before the browser drama.



In the case of SHA-3 it's particularly ironic that the desire to avoid a monoculture in designs led to a monoculture in designers.

(The authors of AES had one of the few submissions that was very different from AES and this was a large factor in it getting picked)


I'd guess it was a combination of not being patented (they tried to protect it as a trade secret instead but it leaked), the general ease-of-application of stream ciphers, and the fact that RC4 in particular is so easy to implement you can easily memorise and bash it out in a few minutes.


RC4 was a state of the art stream cipher in 1987; that it took so long for a practical attack to appear, despite its wide use, is a testament to the fact that it was clearly not "bad even for the time".


RC4 was a trade secret unknown to the rest of the industry until it was leaked on Usenet in the mid-90s.



