A simple, efficient and secure block cipher has been proposed. It was designed after the CS block cipher as well as the research into FPHT transforms of [5] and [7]. We feel that the design is a reasonable alternative to Rijndael for hardware platforms since it is equally as efficient and does not rely on a highly algebraic non-linear transform.
In other words, it's no faster than AES, but hasn't gone through the extensive rounds of vetting than AES has? That's really quite the compelling argument they've got there.
The recent results on MD5 and SHA-1, while not having any direct implications for AES, do reinforce the wisdom of not putting all of one's eggs in one basket, so I can see the attraction of having an alternative to AES. Here's the thing, though: there were five finalists in the AES competition: MARS, RC6, Rijndael (the selected AES), Serpent, and Twofish. All of them were quite fast and were believed by the evaluators to offer an adequate security margin. If you feel the need for a backup for AES, you should pick one of the other AES candidates rather than some entirely new cipher.
Another alternative here is to use 3DES, which people are pretty comfortable with from a security perspective. However 3DES has two significant drawbacks:
- The small blocksize (64 bits) means that you have to rekey relatively frequently---every 34 GB or so in CBC mode.
- 3DES is quite slow compared to the more modern algorithms.
This means that 3DES isn't really suitable for very high speed applications. For such applications, one of the other AES candidates is a better choice. I'm not really a cryptographer, so I can't offer an opinion about which the best choice of the remaining four is, but Twofish seems to have the biggest mindshare.
The other claim is efficient in hardware. But AES is great in hardware:
You can get ~600+ Mbps in a ~1.3+ Gbps in the same part.