Posts  / #POST-147545
REDDIT

Non NIST-Standardized Cryptosystems That Are Still Worth Studying?

F
Mar 13, 2025 · 22:38

We are all aware that the NIST selects cryptosystems for federal government use.

As I was speaking to a colleague we both agreed that just because the NIST does not select certain cryptosystems does not mean they are worthless. Even the NIST chosen cryptosystems have their downsides.

Certainly there have been good contestants in NIST competitions (e.g. Twofish for AES, Serpent for AES, ChaCha20 as a constant-time alternative to AES ; Rainbow for PQC, BLAKE for SHA-3, etc).

What cryptosystems have you seen submitted to NIST competitions that you deemed worth studying despite being rejected by the NIST?