Default hash

Aaron Toponce aaron.toponce at
Sat Feb 26 04:27:52 CET 2011

On 02/25/2011 07:39 PM, Robert J. Hansen wrote:
> Bruce himself recommends AES over TWOFISH.

[citation needed]

I know that he's recommended AES-128 over AES-256, but I've not read
where he's recommended AES over TWOFISH.

>> I don't trust 3DES
> Why?  Bruce himself has said that if speed isn't a concern, nothing else
> comes close to the trust level of 3DES.

Again, [citation needed]. 3DES has an effective security of only 80 bits
due to the meet-in-the-middle attack and known- or chosen-plaintext
attacks, and NIST is only willing to back the algo through 2030. The
cryptanalysis seems pretty strong, and it is a slow algo. To each their
own, but I'll pass.

> FWIW, I don't much care for the Cult of Schneier.  He's a good cryppie,
> a good writer, a top-notch communicator -- but the idea of "supporting"
> him is, IMO, a little crazy.

Okay, "support" might have been the wrong word. twofish performance is
fast, and his new Skein algorithm, based off threefish, is crazy fast.
That said, AES is comparable. twofish is implemented in a crazy amount
of crypto software as well. Cryptanalysis is minimal, and the open
license of the algorithm is commendable.

> A modified Borda count is used.

Ah. Okay. That works.

> With respect to your prefs, my standard advice applies: unless you know
> what you're doing and why, stick with the defaults.

Well, I wanted the defaults, but then I couldn't use the SHA2 signing
algorithms, now could I? :)

. o .   o . o   . . o   o . .   . o .
. . o   . o o   o . o   . o o   . . o
o o o   . o .   . o o   o o .   o o o

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 591 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20110225/55bbc425/attachment-0001.pgp>

More information about the Gnupg-users mailing list