Re: linux kernel loopkack encryption

New Message Reply About this list Date view Thread view Subject view Author view

Bruce Schneier (schneier@counterpane.com)
Thu, 16 Jul 1998 14:35:39 -0500


>>3) Has anyone got a Gnu assembler version of twofish? I know absolutely
>> no assembler, but I would like to put twofish (in optimized
>> form) into the kernel... Anyone think this is a bad idea? (Bruce - you
>> aren't allowed to comment, ok? :)
>
>Twofish is a well-designed, conservative cipher, but it's young enough
>that a break is still a big risk. Therefore, I'd reccomend using a
>more-analyzed cipher like CAST-128 for now, or at least something which
>can't be less secure than it (i.e., use CAST-OFB on zeroes to generate
>from the XORed-together keys a CAST key and a Twofish key, then use
>Twofish-over-CAST for encryption).

While I agree that Twofish is new, I give a big yuk to CAST-128. Blowfish
is basically the same, but with key dependent S-boxes. If you want to be
conservative, use Triple-DES.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
           Free crypto newsletter. See: http://www.counterpane.com


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:28 ADT