Encryption algos

Per Tunedal Casual pt at radvis.nu
Thu Jan 20 15:04:42 CET 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,
I just checked the list of algos in GnuPG v. 1.4:
3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH

The list is rather long, what about making it a bit longer?
Rationale: When AES starts to become questioned (10 years from now? sooner?)
we have another secure algo to fall back upon.

We have got basically two modern algos: AES and TWOFISH. Both are created
with an emphasis on speed, rather than on security. What about including an
algo with emphasis on security? I can see at least two suitable algos among
the AES-candidates:
Serpent (2nd best to Rijndael=AES in the final evaluation round)
CAST256 (beaten by Serpent in the first evaluation round)

CAST256 is an improved version of CAST5 and might be a natural choice for
OpenPGP. I don't know if the algo is used in any software or if it is
studied by cryptographers any more. It might not be a good idea to include
a cipher that isn't well studied (cf TWOFISH!).

Serpent is considered secure due to "a conservative design" and many
rounds. I think it is used in some software. This cipher might be of more
interest to cryptographers and thus might be well studied. The drawback
might be that the design is somewhat similar to Rijndael=AES and thus can
be attacked in similar ways.

Anyway. There isn't any need to hurry. Better make a wise decision (cf
TWOFISH).

Per Tunedal
Keyid: 0xAE053BE0
Fingerprint: D70D 9057 A985 4944 2191 995A 2D74 F09D AE05 3BE0

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32) - GPGrelay v0.955
Comment: Vad är en PGP-signatur? www.clipanish.com/PGP/pgp.html

iD8DBQFB77qWaDDfzFT+2PIRAklaAJsHlEvp6Q/yw31TIc/EYNaW4mpenQCePKHH
n0NmbZSFI3qUGufc81Fn7WE=
=2szK
-----END PGP SIGNATURE-----



