On Thu, 7 Aug 1997, Marshall Clow wrote:
At 7:48 PM -0700 8/7/97, Adam Shostack wrote:
Jonathan Wienke wrote:
| Instead of having a 1-byte cipher identifier, I would like to see a 4 byte
| text identifier for ciphers and hashes, so IDEA could be designated by
| "IDEA", triple-DES by "3DES", SHA-1 by "SHA1", etc. This would make it much
| easier for PGP to support numerous algorithms, and multiple encryption.
| Perhaps each algorithm could be implemented as a plug-in, so that
| encrypting a message with triple-DES, IDEA, and then something cooked up in
| your basement would be easily implemented.
And RIPEMD-160 would be indicated how? Having length byte, text field
may well be overkill. So I'd suggest that a one byte ID with
everything in an include file makes writing code easier, and doesn't
need to change the presentation.
As much a fan of 4 byte identifiers as I am, I agree with Adam here.
We aren't going to see 2 billion or so cipher ids.
However, I can envision a day when we have more than 256 cipher IDs.
Two bytes, please (or octets, if you prefer)
You will need more than one byte, unless PGP wants to insist that only
their version of CFB is used for the internal complication. There is now
a CBC(?) version of CAST, and the other variants deserve either another
chain/feedback byte, or we simply need a bigger integer to store it.
Just go to Applied Cryptography and start counting algorithms and then
ways to make the algorithms more complex, and multiply.
But before this goes off on a tangent, PGP 5.0 (at least the source
code I have seen) isn't modular in the sense of having a dlopen(alg) call,
and I, for one, would not like to see 1,000 algorithms defined because no
two implementations would work together, or the program would need to be
larger than most hard drives.
This issue itself should limit the number of algorithms to 256 or less.
--- reply to tzeruch - at - ceddec - dot - com ---