Faramir wrote: > Robert J. Hansen escribió: >> Faramir wrote: >>> didn't include Blowfish because I was told it is not supported by PGP > >> PGP can read Blowfish traffic. It won't generate Blowfish traffic, but >> that's a separate issue. > > Interesting... I will add it to my list... please note I am still > talking about what I can receive, I intend to keep using the most used > algo's in my preferred algo's as a sender... maybe not in the same > order, but the same list. > >>> [Schneier] says people should move to Twofish. > >> No, Schneier has recommended people abandon Twofish and move to AES. > > Maybe he said both things, my source was wikipedia, but they provided > a link to the interview where he said that: > > Dahna, McConnachie (2007-12-27). "Bruce Almighty: Schneier preaches > security to Linux faithful". Computerworld 3. Retrieved on 2007-12-31. > "At this point, though, I'm amazed it's still being used. If people ask, > I recommend Twofish instead."
Well, sort of. That section of the interview is talking about Twofish wrt folks still using Blowfish (top of page three). Since you didn't provide a link, I will[0]: Q: A rough count from the list on your Web site indicates that there are well over 150 software products (including the mainline Linux kernel, from v2.5.47) that use Blowfish. Has it exceeded or met your expectations? A: I don't know if I had any expectations. There weren't enough alternatives to DES out there. I wrote Blowfish as such an alternative, but I didn't even know if it would survive a year of cryptanalysis. Writing encryption algorithms is hard, and it's always amazing if one you write actually turns out to be secure. At this point, though, I'm amazed it's still being used. If people ask, I recommend Twofish instead. Don't see any mention of AES. Also, you may wish to consider that on page four of that interview, when asked about a 3rd edition of /Applied Cryptography/[1], Schneier responds: "However, in a way there is now a sequel. Practical Cryptography[2], by Neils Ferguson and myself, was published this year. It's about cryptography as it is used in real-world systems, about cryptography as an engineering discipline rather than cryptography as a mathematical science. "This is the book we wish we'd had more than a decade ago when we started our cryptographic careers. It collects our combined experiences on how to design cryptographic systems the right way. In some ways, this book is a sequel to Applied Cryptography, but it focuses on very practical problems and on how to build a secure system rather than just design a cryptographic protocol. And in /Applied Cryptography/, they write[3]: 4.5.7 Which Block Cipher Should I Choose "/That/ is the question. Don't forget that we are biased because we were part of the team that designed Twofish. We also spent quite a lot of time attacking the other AES finalist, which further influences our point of view. ... "The safe choice for your career is AES. This is the official standard, sanctioned by the U.S. government. Everybody else will be using it, too. We do not think it is the absolute safest choice for your data, but if there is ever a successful attack against AES, it obviously won't be your fault. They used to say "nobody gets fired for buying IBM." Similarly, nobody will fire you for choosing AES. As long as it isn't you who loses money and/or sleep if AES gets broken, choose AES. "AES has other advantages. It is relatively easy to use and implement. All cryptographic libraries support it, and all customers like it as it is "the standard." In this sense, you cannot go wrong with AES. "If you are paranoid about the security of your data, and speed is not that important, then you should choose Serpent. During the AES process, every serious cryptographer agreed that Serpent was the most secure (or most conservative) of all the submissions. "That does not leave a lot of room for Twofish. You should only choose Twofish if you want the speed of AES without the security disadvantages listed above. Of course, all the institutional advantages of AES will now weigh against you. If Twofish is ever broken, you will be blamed for selecting it. "There are probably circumstances in which 3DES still is the best solution. If you have to be backward compatible, or are locked into a 64-bit block size by other parts of the system, then 3DES is still your best choice... WikiPedia can provide good background. It is not always authoritative. BTW, I tracked down the page you referenced, It was Wikipedia's Blowfish page[4]. Item 3 under Notes and references. I'm going to agree with the others, most folks will tell you AES and 3DES if you need the backwards compatibility. [0] http://www.computerworld.com.au/index.php/id;1891124482;pp;3 [1] http://www.schneier.com/book-applied.html [2] http://www.amazon.co.uk/Practical-Cryptography-Niels-Ferguson/dp/0471223573 also http://www.schneier.com/book-practical.html [3] Ferguson, Niels & Schneier, Bruce. /Practical Cryptography/. John Wiley & Sons, 2003. [Pages 63-64] [4] http://en.wikipedia.org/wiki/Blowfish_(cipher) -- John P. Clizbe Inet:John (a) Mozilla-Enigmail.org You can't spell fiasco without SCO. hkp://keyserver.gingerbear.net or mailto:[EMAIL PROTECTED] Q:"Just how do the residents of Haiku, Hawai'i hold conversations?" A:"An odd melody / island voices on the winds / surplus of vowels"
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
