From owner-freebsd-security  Sun May  2  2:25:35 1999
Delivered-To: freebsd-security@freebsd.org
Received: from schuimpje.snt.utwente.nl (schuimpje.snt.utwente.nl [130.89.238.4])
	by hub.freebsd.org (Postfix) with ESMTP id B2B9614D9D
	for <freebsd-security@FreeBSD.ORG>; Sun,  2 May 1999 02:25:32 -0700 (PDT)
	(envelope-from jeroen@vangelderen.org)
Received: from ut243008.inbel.utwente.nl ([130.89.243.8]:525 "EHLO vangelderen.org" ident: "NO-IDENT-SERVICE[2]") by schuimpje.snt.utwente.nl with ESMTP id <7971-20162>; Sun, 2 May 1999 11:25:11 +0200
Message-ID: <372C19F5.625BB2B@vangelderen.org>
Date:	Sun, 02 May 1999 11:25:09 +0200
From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
X-Mailer: Mozilla 4.51 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Robert Watson <robert+freebsd@cyrus.watson.org>
Cc: Poul-Henning Kamp <phk@critter.freebsd.dk>,
	The Tech-Admin Dude <geniusj@phoenix.unacom.com>,
	Brian Beaulieu <brian@capital-data.com>, freebsd-security@FreeBSD.ORG
Subject: Re: Blowfish/Twofish
References: <Pine.BSF.3.96.990501150648.2670B-100000@fledge.watson.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Robert Watson wrote:
[...]
> I'd recommend against using Blowfish--go for Twofish.

Regardless of what you think about Blowfish, recommending Twofish
is a very, very bad move. The golden rule in crypto is that trust
comes with the age of an algorithm. Twofish is waaaay to young to
be trusted, especially since it's an evolutionary improvement
over Blowfish which you don't like for some reason.

In any case, if you recommend against using Blowfish, what's the
reason?

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen - jeroen@vangelderen.org - 0xC33EDFDE


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message