From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org> To: Robert Watson <robert+freebsd@cyrus.watson.org> Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>, The Tech-Admin Dude <geniusj@phoenix.unacom.com>, Brian Beaulieu <brian@capital-data.com>, freebsd-security@FreeBSD.ORG Subject: Re: Blowfish/Twofish Message-ID: <372C19F5.625BB2B@vangelderen.org> References: <Pine.BSF.3.96.990501150648.2670B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote: [...] > I'd recommend against using Blowfish--go for Twofish. Regardless of what you think about Blowfish, recommending Twofish is a very, very bad move. The golden rule in crypto is that trust comes with the age of an algorithm. Twofish is waaaay to young to be trusted, especially since it's an evolutionary improvement over Blowfish which you don't like for some reason. In any case, if you recommend against using Blowfish, what's the reason? Cheers, Jeroen -- Jeroen C. van Gelderen - jeroen@vangelderen.org - 0xC33EDFDE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?372C19F5.625BB2B>