twofish keysize

Malte Gell malte.gell at
Thu Apr 22 00:28:47 CEST 2004

Hash: SHA1

Am Montag, 19. April 2004 09:26 schrieb Werner Koch:
> On Mon, 19 Apr 2004 00:19:58 +0200, Malte Gell said:

> > Maybe he expects a performance advantage when using 128 bit keys
> > instead of 256 bit. By the way, are there estimations how much
> > slower a 256 bit Twofish key is? I guess one will only notice it
> > whith huge amount of
> As you can see, there is no difference between twofish (256 bit) and
> twofish 128.

> The disadvantage of a 256 bit key is that is requires double as much
> entropy to create a session key.

Would it be much hassle to introduce 2Fish-128,196,256, just according 
to AES-128,196,256 to adress this? Since many encryption keys are 
1024/2048 bit a 128 bit session key should be sufficient and wouldn't 
"waste" entropy? 
On the one hand asym. keys > 2048 are said to be useful only in certain 
situation, on the other hand PGP/GnuPG amply uses system's entropy for 
AES-256/Twofish(256)...(sorry for key length discussion now on the 
symm. side,I'll immediately duck and cover;-)

Version: GnuPG v1.2.4 (GNU/Linux)


More information about the Gnupg-users mailing list