Subject: Re: IDEA (and another query)
From: Olaf Titz <olaf,AT,bigred,DOT,inka,DOT,de>
Date: Fri, 4 Apr 2003 23:01:52 +0200
In-reply-to: <OFA23C1FE8.FE2A719A-ONC1256CFB.0055C8B5@franke.com>

> Does anyone know what Olaf thinks ?

Yes ;-)

> > We don't need IDEA. I think 3DES would be a much better choice.

I think 3DES would be a rather poor choice because of its *ahem*
performance characteristics. Much more interesting would be support
for pluggable algorithms via the Linux 2.5 standard crypto API, so you
could have Rijndael, MARS or whatever you like.

Does Windows have anything similar?

The current CVS version has support for the 2.4-intl crypto API
patches, but that is too incompatible with 2.5 to seamlessly support
both versions. So here goes another query: does anybody actually use
the 2.4 crypto API support or could that be thrown out in favor of a
2.5 version? Should I fork a version with the 2.4-intl support?

But, and that's a big "but", to use ciphers with any block length
other than 64 bits would require a protocol change, as the current
version is fixed at that block length (IV, padding). I have some
thoughts about a protocol overhaul concentrating on the following:
- use of real cryptographic checksum instead of CRC
- version flags and key-use flag in a proper packet header
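
An added illustration of the "real cryptographic checksum instead of CRC" item above; it is not part of the original message and not code from the project under discussion. It shows that CRC-32 is keyless and affine, so the checksum matching a bit-flipped payload follows from the old checksum and the flip mask alone, while a keyed MAC has no such relation. HMAC-SHA256, the key, the payload and the mask are assumptions chosen for the demonstration; the message names no algorithm.

```python
import hashlib
import hmac
import zlib

# Constructed sample values, not taken from any real traffic.
KEY = b"constructed-demo-key"
PAYLOAD = b"constructed sample payload 0123456789"
DELTA = bytes(len(PAYLOAD) - 1) + b"\x01"   # flips the lowest bit of the last byte


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


def crc_after_xor(crc_orig: int, delta: bytes) -> int:
    """CRC-32 of (msg XOR delta), computed without knowing msg.

    CRC-32 is affine over GF(2): for equal-length inputs,
    crc(a ^ d) == crc(a) ^ crc(d) ^ crc(all-zero string of that length).
    """
    return crc_orig ^ zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))


def mac(key: bytes, data: bytes) -> bytes:
    """Keyed integrity tag (HMAC-SHA256, chosen for this example)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def demo() -> tuple[bool, bool]:
    """Return (crc_accepts_modified, mac_accepts_modified)."""
    modified = xor_bytes(PAYLOAD, DELTA)

    # CRC: a valid checksum for the modified payload is derivable from the
    # original checksum and the mask, with no key and no plaintext.
    predicted = crc_after_xor(zlib.crc32(PAYLOAD), DELTA)
    crc_accepts = predicted == zlib.crc32(modified)

    # MAC: the original tag does not verify over the modified payload, and a
    # new tag cannot be produced without KEY.
    mac_accepts = hmac.compare_digest(mac(KEY, PAYLOAD), mac(KEY, modified))
    return crc_accepts, mac_accepts


if __name__ == "__main__":
    print(demo())
```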


