On Sat, Feb 09, 2008 at 11:29:08PM -0600, Kevin Hilton wrote:
> >Twofish is almost entirely abandoned nowadays, but it still exists in
> >PGP and GnuPG. Once a bad decision is made in engineering, the
> >engineers are stuck supporting it forever.
>
> Is this statement really true or just opinion? Bruce Schneier is one
> of my favorite cryptanalysts.
It's basically true, at least in the context of OpenPGP. Note that the statement doesn't say that Twofish is insecure. It's just that when AES came along, it eclipsed many/most of the ciphers with similar capabilities.

From the perspective of the researcher who wants to attack a cipher, they'll attack AES because lots of people use it. From the perspective of the user of crypto, they'll use AES because of all the research on it. Repeat this cycle enough times, and you can see why Twofish isn't used much.

David

_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users