netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [PATCH] IPsec: add support for Twofish and Serpent

from [Kyle McMartin] [Permanent Link][Original]
To: Pekka Pietikainen <pp@xxxxxxxxx>
Subject: Re: [PATCH] IPsec: add support for Twofish and Serpent
From: Kyle McMartin <kyle@xxxxxxxxxx>
Date: Fri, 15 Aug 2003 13:38:31 -0400
Cc: netdev@xxxxxxxxxxx
In-reply-to: <20030814180857.GA4205@xxxxxxxxx>
References: <20030814164819.GA18948@xxxxxxxxxxxxxxxxxxx> <20030814180857.GA4205@xxxxxxxxx>
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mutt/1.5.4i 
On Thu, Aug 14, 2003 at 09:08:57PM +0300, Pekka Pietikainen wrote:
> There's absolutely no need to add complexity unless there are some technical
> arguments for doing so, say compatibility with legacy implementations
> which justifies bothering with DES/3DES/MD5 although they're inferior to 
> AES and SHA1 in just about every aspect.
> 
There are simple technical arguments for doing so, SERPENT and Twofish
are both either as secure, or more secure than rijndael, as it stood with
the amount of cryptanalysis the three received as part of the AES
selection process. (Serpent, as it stood, was more secure, since it had
more rounds, and more proven sboxes).

Adding more *secure* algorithms does no harm.

Regards,
-- 
Kyle McMartin <kyle@xxxxxxxxxx>
1024D/191FCD8A - 331A 9468 C04D 3A76 5C56  BA68 7EB7 92DF 191F CD8A
2048R/F515317D -   68 A9 0D 28 1B DF 8D 42  0F CC AF 98 A8 D5 A4 04
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [PATCH] IPsec: add support for Twofish and Serpent, Kyle McMartin
Next by Date:  Re: [PATCH] IPsec: add support for Twofish and Serpent, Kyle McMartin
Previous by Thread:  Re: [PATCH] IPsec: add support for Twofish and Serpent, Kyle McMartin
Next by Thread:  Fix to have sysfs track rename of network devices, Mark Huth
Indexes:  [Date] [Thread] [Top] [All Lists]