Re: IDEA (and another query)|
Damion Wilson <dwilson,AT,ibl,DOT,bm>|
Sun, 6 Apr 2003 02:42:00 +0200|
Do we have to adopt the Linux Crypto API ? Does it save work to go that way
rather than roll our own (common) methodology, say, using a plugin approach ?
Windows does have a crypto "API" but it is largely incompatible with the
On Friday 04 April 2003 04:32 pm, Olaf Titz wrote:
> > Does anyone know what Olaf thinks ?
> Yes ;-)
> > > We don't need IDEA. I think 3DES would be a much better choice.
> I think 3DES would be a rather poor choice because of its *ahem*
> performance characteristics. Much more interesting would be support
> for pluggable algorithms via the Linux 2.5 standard crypto API, so you
> could have Rijndael, MARS or whatever you like.
> Does Windows have anything similar?
> The current CVS version has support for the 2.4-intl crypto API
> patches, but that is too incompatible with 2.5 to seamlessly support
> both versions. So here goes another query: does anybody actually use
> the 2.4 crypto API support or could that be thrown out in favor of a
> 2.5 version? Should I fork a version with the 2.4-intl support?
> But, and that's a big "but", to use ciphers with any block length
> other than 64 bits would require a protocol change, as the current
> version is fixed at that block length (IV, padding). I have some
> thoughts about a protocol overhaul concentrating on the following
> - use of real cryptographic checksum instead of CRC
> - version flags and key-use flag in a proper packet header