Re: I've said something before, which was ignored, but resulted in some personal discomfort...
The AES was the subject of a public competition with various cryptographers around the world studying the choices and weeding out obvious weaknesses, which is how it should be and leads to a strong and trustworthy standard.
That is not the same as saying the NSA, etc, might find a non-obvious (by global expert standards) weakness that speeds brute-forcing by some useful amount, nor that they might not have spent a small country's GDP on dedicated brute-forcing hardware to attack real high-value messages.
Nor is it the same as saying an implementation using the AES has not screwed up on not leaking the key, etc.
But its a damn sight better than the Dual Elliptic Curve Deterministic Random Bit Generator where the NSA basically wrote the spec with known-to-them weaknesses!
Biting the hand that feeds IT
