First, the flaw in Keyczar didn't affect CCM (or CBC-MAC) or EAX (or OMAC).
Second, I cited SSH, SNMPv3, and Keyczar. You responded with localhost cache timing of AES and remote cache timing of naked AES. There's an obvious difference between the two sets: one consists of real attacks, the other of speculative attacks. If your point is valid, it shouldn't be hard for you to name one system in which CCM or EAX were "broken" --- and I'll give you any definition of broken you choose --- because of these papers.
They're both great papers. But I don't think they make the argument you think they do.
First, the flaw in Keyczar didn't affect CCM (or CBC-MAC) or EAX (or OMAC).
Of course not -- Keyczar doesn't implement CCM or EAX. But the fact that CCM and EAX are obscure shouldn't count as a point in their favour.
There's an obvious difference between the two sets: one consists of real attacks, the other of speculative attacks.
The Bernstein and Osvik-Shamir-Tromer attacks were not at all speculative. They showed the concrete theft of a key.
If your point is valid, it shouldn't be hard for you to name one system in which CCM or EAX were "broken" --- and I'll give you any definition of broken you choose --- because of these papers.
I don't know of any systems which use CCM or EAX in software on general-purpose hardware -- but if you name me a system which uses OpenSSL's AES code circa early 2005 in EAX mode, I'll name you a system which was vulnerable to a timing side channel.
Tally ho, Colin! Looking forward to what you find; I'm sure I'll learn something. If Bernstein's attack was really that relevant to real-world cryptosystems, I'm sure you'll come back with something fun.