I would have much preferred if the post wasn't acted out as a narrative as it detracted from the powerful message of not using AES and why it's flawed.
I'd say it didn't detract from the narrative; it made the narrative accessible to a different audience.
The screenplay format both presented a story-based framework for understanding the progression of the argument, and humor (unicorn with laser horn) to provide a contrast to the fairly complex topic.
I'm clueless when it comes to crypto, and if I were to read a very well written paper about it, I'd probably get sidetracked, or accept the conclusion without understanding the steps taken to reach it. The format of this article was perfect for driving the point (and its reasonings) home to the uneducated masses such as myself.
My takeaway from the article wasn't "don't use AES" - it was "use a sufficiently high-level cryptography library such that someone smarter than you is deciding which algorithm to use and with which options".
Usually people focus on "which algorithm" (you may have heard endless debates about key length) when "which options" is what actually ends up biting you. But one argument seems fun and the other mundane, so the latter doesn't get the attention it requires.
But it seems like the situation they describe is one where you wouldn't want to use encryption at all. Why give the user his data in an encrypted form when you can give the user an ID and keep his data entirely away from him? Seriously, when does giving someone data you don't want them to read ever work better than just not giving them data at all?
Having a narrative reinforces the point that what you actually do depends on the entire context of the application. You would almost never be the one implementing cannot-be-broken-under-ANY-circumstances encryption. So you have to know what the circumstances are. In this case, the circumstances point to no-encryption-whatsoever!
Sure, you could point to other circumstances where something like what they're talking about would be useful but that's a million possible circumstances with a million possible encryption solutions and you've lost the useful urgency of the original concrete narrative.
I agree. I found the narrative "intimidating" and stopped reading after a short while. I'm turned off by all the crypto-testosterone. :D
Ah, if only I could write another Notepad and make money off that.
