next AE cipher COLM?
uri at mit.edu
Thu May 17 16:52:37 CEST 2018
Yes I prefer GCM or OCB - both well-studied.
There's an updated RFC draft on OCB. I haven't seen yet an RFC defining how to use OCB in CMS - but technically it would be no different from GCM (just need to figure what OID to assign to it ;-).
Sent from my test iPhone
> On May 17, 2018, at 10:48, Andrew Gallagher <andrewg at andrewg.com> wrote:
>> On 17/05/18 14:42, Bernhard Reiter wrote:
>> Would it make sense to consider
>> COLM for being the next authenticated encryption algorithm?
> Given the shortage of manpower in the OpenPGP community, is it not more
> advisable to stick to algorithms with a few miles on the clock, such as
> GCM, even if they may not be strictly ideal? There will never be an
> ideal encryption algorithm after all, just ones with known problems and
> ones with unknown problems... ;-)
> Andrew Gallagher
> Gnupg-devel mailing list
> Gnupg-devel at gnupg.org
More information about the Gnupg-devel