Current Topic: Cryptography

Poly1305-AES: a state-of-the-art message-authentication code

Topic: Cryptography
4:00 pm EDT, Oct 12, 2005

Poly1305-AES is a state-of-the-art secret-key message-authentication code suitable for a wide variety of applications.

DJB's MAC. I hadn't seen this before -- it looks like it's just being published this year.

Schneier on Security: SHA-1 Broken

Topic: Cryptography
11:36 pm EST, Feb 15, 2005

] SHA-1 has been broken. Not a reduced-round version. Not a
] simplified version. The real thing.

Yow!

New European Schemes for Signatures, Integrity, and Encryption

Topic: Cryptography
1:51 pm EDT, Sep 9, 2004

] The main objective of the project is to put forward a
] portfolio of strong cryptographic primitives that has
] been obtained after an open call and been evaluated using
] a transparent and open process. The project intends to
] contribute to the final phase of the AES block cipher
] standardisation process (organised by NIST, US), but will
] also launch an independent open call for a broad set of
] primitives providing confidentiality, data integrity, and
] authentication.

Whirlpool is being proposed as part of NESSIE, which is a European version of the AES process except for all kinds of crypto primitives, not just a block cipher.

The Whirlpool Hash Function

Topic: Cryptography
2:23 pm EDT, Sep 8, 2004

] WHIRLPOOL is a hash function designed by Vincent
] Rijmen and Paulo S. L. M. Barreto that operates on
] messages less than 2^256 bits in length, and produces a
] message digest of 512 bits.

Sort-of like CBC-MAC with AES except it's just a hash, not a MAC.

US.gov plans DES's retirement | The Register

Topic: Cryptography
1:36 pm EDT, Jul 30, 2004

] The ageing Data Encryption Standard (DES) is no longer
] secure enough for use by government and should be
] replaced by Advanced Encryption Standard (AES) instead,
] according to a key US government standards agency.

RE: Cryptography's Role in Securing the Information Society

Topic: Cryptography
10:55 am EDT, Apr 14, 2004

Jeremy wrote:
] Former FBI Director Louis Freeh is back in the saddle of his
] hobbyhorse, complaining about key escrow/recovery. I thought
] we'd already covered this, back in 1996, but for those who may
] need a refresher, this book is the one stop shop.

*sigh* ... I should have known better than to think we'd heard the last from Louis Freeh... why don't these people understand that there's no way to put this genie back in the bottle! Further, it just compromises the security and privacy for legitimate users and has no effect on the bad guys. After all, the Feds won't find out the bad guys are using non-escrowed crypto until it's too late ... unless they're planning to decrypt everything, all the time just to make sure they can!

NIST -- New Encryption Modes

Topic: Cryptography
5:09 pm EDT, Oct 13, 2003

NIST is trying to update the venerable set (CBC/OFB/CFB/counter) of encryption modes. Some of the new ones provide "authenticated encryption," i.e. the equivalent of encryption and MACing with one key and significantly less cost than encrypt-then-MAC. In light of Vaudenay's CBC padding attack, authenticated encryption seems prudent.

Breaking CBC Encryption for Fun and Profit

Topic: Cryptography
5:07 pm EDT, Oct 13, 2003

(this is a follow-on paper to Vaudenay02 which doesn't seem available online) How to break CBC encryption using certain common padding schemes given a "padding oracle", a node that tells you whether or not a given ciphertext corresponds to a well-padded plaintext.