I was mixing up with the attack against twofish with reduced rounds (I think this is true of blowfish with reduced rounds as well )
-----Original Message----- From: Evan Nemerson [mailto:[EMAIL PROTECTED]] Sent: 22 May 2002 22:57 To: John Horton; [EMAIL PROTECTED] Subject: Re: [PHP] Mcrypt: Blowfish or Twofish or no fish? Ah, when was twofish broken??? That's news to me if it's true. http://www.counterpane.com/twofish.html http://www.counterpane.com/about-twofish.html On Wednesday 22 May 2002 00:43 am, John Horton wrote: > Hi, > I believe that twofish has been successfully broken, so use blowfish > instead. Typically, for encrypting files you will use an algorithm like > blowfish in cbc mode (as opposed to ebc mode) but I don't know if Mcrypt > supports this. Also, when creating the hash of the file, it is probably > best to use SHA-1 instead of MD5, as there appears to be some concern with > MD5 over it's compression function. > HTH > JH > > -----Original Message----- > From: Jimmy Lantz [mailto:[EMAIL PROTECTED]] > Sent: 21 May 2002 17:28 > To: [EMAIL PROTECTED] > Subject: [PHP] Mcrypt: Blowfish or Twofish or no fish? > > > Hi, > started playing with Mcrypt and just wanted to ask which encryption method > makes the stronger encryption? > (I can supply the necesary keylength). > Should I go for MCRYPT_BLOWFISH or MCRYPT_TWOFISH? Or no fish at all :) > > So what do I need it for? I'm going to use it encrypting files, sizes > varies between some 100 k's and 4-5 mb's. > / Jim > > Paranoia + A system w/o users = Safe system :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
