Default hash

Robert J. Hansen rjh at
Sat Feb 26 07:36:33 CET 2011

On 2/26/11 12:41 AM, John Clizbe wrote:
> pg 64. Sect 4.5.7 - Which Block Cipher Should I Use?

And, I forgot: I have my Kindle with me.  _Practical Cryptography_ isn't
available on Kindle, but _Cryptography Engineering_ is (also by
Schneier).  Quoting from 3.5.6, "Which Block Cipher Should I Choose?"

     The recent cryptanalytic advances against AES make these a
     tough choice.  Despite these cryptanalytic advances, AES is
     still what we recommend.  It is fast.  All known attacks
     are theoretical, not practical.  Even though AES is now
     broken academically, these breaks do not imply a significant
     security degradation of real systems in practice.


     There are probably circumstances in which 3DES still is the
     best solution.  If you have to be backward-compatible, or are
     locked into a 64-bit block size by other parts of the system,
     then 3DES is still your best choice.

... So, yeah.  There's Schneier himself, saying "use AES if at all
possible: and if you have to have a 64-bit block size cipher, use 3DES
even over Blowfish, CAST5, IDEA, or any other 64-bit block cipher I
mentioned in _Applied Cryptography_."

Hopefully this puts the nail in the coffin, and we can end this thread.

More information about the Gnupg-users mailing list