getting rid of blowfishes

Simpson, Sam s.simpson@mia.co.uk
Tue, 2 May 2000 11:23:23 +0100 


> -----Original Message-----

> From: L. Sassaman [mailto:rabbi@quickie.net]

> Sent: 01 May 2000 00:43

> To: s.simpson@mia.co.uk

> Cc: gnupg-users@gnupg.org

> Subject: Re: getting rid of blowfishes

> 

> 

> On Sun, 30 Apr 2000, Werner Koch wrote:

> 

> > On Thu, 27 Apr 2000, Pete Chown wrote:

> > 

> > > I thought GnuPG now avoided all the known problems with ElGamal

> > > signing.  Is this not the case?

> > 

> > ElGamal S+E keys are fully OpenPGP compatible and GnuPG avoids the

> > problems.  I don't suggest to use them, however some folks 

> feel like 

> > it is a good idea to have a fallback algorithm.

> 

> I didn't mean to sound like I was saying it wasn't OpenPGP 

> compatable. I

> just don't think it is advisable to use them, as you say. 

>

> Having a fall

> back algorithm is a good idea... I just worry that people see it and

> decide to use it, not knowing any of the issues involved.


Fortunately the GnuPG crowd appear to be more technically competent
(probably because it runs on Linux and users are already technically aware I
guess) so there is less of an issue with GnuPG users creating non-compatible
keys inappropriately.
  

> > Blowfish is a well respected algorithm and has been used by 

> the first

> > PGP 5 version.  It is faster than CAST-5 and OpenPGP compatible. 

> > Twofish is not yet OpenPGP and not in wide use mainly because NAI 

> > refused to accept most OpenGPG WG suggestions because they 

> don't want

> > to implement it in their product. 

> 

> Well, let's not be so harsh with the suppositions here. I 

> think you will

> be pleasantly surprised with 7.0.


Don't tell me that finally, 3 or 4 months before AES is finally selected,
PGP will start implementing Twofish which most likely will not be selected
as the final algorithm?

I personally disagreed with the implementation of Twofish anyway (block
cipher strength is certainly not the weakest part of OpenPGP...), but I
think it's *extremely* poor timing to introduce it this late in the day
prior to the selection of AES.

You will then no doubt have the newbies asking "which is best, Twofish or
AES?" where the answer should be damn obvious.

To quote Schneier (Oct '99) "Twofish is really too new to be used." - and
you guys are fielding it in a production system? ;)



> > GnuPG is not PGP nor an NAI product but an OpenPGP 

> implementation; so

> > there is no reason to head for PGP x.x compatibilty.  NAI 

> is selling a

> > proprietary product - GnuPG is free software.  The GNU project is

> > doing software to create a free operating system and not to compete

> > with proprietary products.  If NAI wants to be compatible to GnuPG,

> > they should fix PGP:  I guess they have far more developers than we.

> 

> I have to disagree slightly with this. I think it is 

> important for both

> the PGP developers and the GnuPG developers to strive for 

> compatability

> with each other's product. Fragmenting the OpenPGP community 

> is not a good thing, for anyone involved.



Agree 100%!


> - --Len.

> 

> __

> 

> L. Sassaman

> 

> System Administrator                |  

> Technology Consultant               | "To hold a pen is to be 

> at war." 

> icq.. 10735603                      |  

> pgp.. finger://ns.quickie.net/rabbi |                    --Voltaire



Regards,

Sam Simpson
IT Operations Manager 
MIA Ltd