Re: linux kernel loopback encryption

New Message Reply About this list Date view Thread view Subject view Author view

Bruce Schneier (schneier@counterpane.com)
Fri, 17 Jul 1998 23:10:30 -0500


At 05:04 AM 7/18/98 +0200, Anonymous wrote:
>(another) Anonymous wrote:
>>I'd say go ahead and stick in as many cyphers as possible. Put in DES,
>>IDEA, 3DES, Twofish, Blowfish, CAST-128, and others. Let the user decide
>>how to stack them up. Warn users of cyphers like Twofish that the cypher
>>is new. In fact, including descriptions and strength/weakness lists for
>>each of the cyphers is probably a good idea.
>
>To reiterate what was said in my much-ridiculed other post (in this
>soon-to-be-much-ridiculed post :), it's possible to chain them in a way
>that lets the chain be provably as secure as one of the ciphers.

Chaining them in OFB mode makes them provably as strong as the
strongest. Chaining them in discrete blocks makes them provably as strong
as the first. Of course, anyone reasonable will tell you that a chain is much
stronger than any individual cipher. But if you have all those clock cycles
to encrypt, I would just do three-key quintuple DES and be done with it.

Bruce
**********************************************************************
Bruce Schneier, President, Counterpane Systems Phone: 612-823-1098
101 E Minnehaha Parkway, Minneapolis, MN 55419 Fax: 612-823-1590
           Free crypto newsletter. See: http://www.counterpane.com


New Message Reply About this list Date view Thread view Subject view Author view

 
All trademarks and copyrights are the property of their respective owners.

Other Directory Sites: SeekWonder | Directory Owners Forum

The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:20:36 ADT