I assume they're targeting more than just ARM and x86, given they're talking about "truely portable AES implementations" in the README[1].
That said, I'm very inclined to distrust a very young cipher... released by the NSA, no less[2]. Which is an add-rotate-xor cipher[2], for which we already have the more reviewed ChaCha20[3], suggested for TLS 1.3[4].
That said, I'm very inclined to distrust a very young cipher... released by the NSA, no less[2]. Which is an add-rotate-xor cipher[2], for which we already have the more reviewed ChaCha20[3], suggested for TLS 1.3[4].
[1] https://github.com/redox-os/tfs/blob/master/README.rst#faq
[2] https://eprint.iacr.org/2013/404
[3] https://cr.yp.to/chacha/chacha-20080128.pdf
[4] https://tools.ietf.org/html/rfc7905