jedisct1
commented
3 years ago This (and other attacks) doesn't have any practical impact on full-round Gimli in actual constructions.
Gimli got a lot of attention since the beginning of the competition since its slow diffusion makes it an obvious target to publish attacks on when you have competing entries.
But these results are actually very reassuring. Gimli is likely the most studied candidate at this point, and besides interesting observations and made up modes, it has proven to be up to its security claims.
Hey, I just saw this: https://eprint.iacr.org/2020/744 and wanted to understand what (if any) impact that has on libhydrogen?