Date: Sun, 2 May 1999 21:54:31 -0400
From: Adam Shostack <adam@homeport.org>
To: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
Cc: Robert Watson <robert+freebsd@cyrus.watson.org>, Poul-Henning Kamp <phk@critter.freebsd.dk>, The Tech-Admin Dude <geniusj@phoenix.unacom.com>, Brian Beaulieu <brian@capital-data.com>, freebsd-security@FreeBSD.ORG
Subject: Re: Blowfish/Twofish
Message-ID: <19990502215431.A22973@weathership.homeport.org>
In-Reply-To: <372C19F5.625BB2B@vangelderen.org>; from Jeroen C. van Gelderen on Sun, May 02, 1999 at 11:25:09AM +0200
References: <Pine.BSF.3.96.990501150648.2670B-100000@fledge.watson.org> <372C19F5.625BB2B@vangelderen.org>
On Sun, May 02, 1999 at 11:25:09AM +0200, Jeroen C. van Gelderen wrote:
| Robert Watson wrote:
| [...]
| > I'd recommend against using Blowfish--go for Twofish.
|
| Regardless of what you think about Blowfish, recommending Twofish
| is a very, very bad move. The golden rule in crypto is that trust
| comes with the age of an algorithm. Twofish is waaaay too young to
| be trusted, especially since it's an evolutionary improvement
| over Blowfish which you don't like for some reason.
|
| In any case, if you recommend against using Blowfish, what's the
| reason?

The reason not to use Blowfish is (imho) the Pi key scheduling. Key schedules need to be designed, not taken at random from nature.

The reason to not use it for passwords is that the function you want (if you're going to not change the model) is a hash function, not a block cipher.

Adam

--
"It is seldom that liberty of any kind is lost all at once." -Hume

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message