ietf-openpgp

Re: PGP Message Exchange Formats Internet Draft

1997-08-08 12:49:16
On Fri, 8 Aug 1997, Jurgen Botz wrote:

> tzeruch(_at_)ceddec(_dot_)com wrote:
> > and I, for one, would not like to see 1,000 algorithms defined because no
> > two implementations would work together, or the program would need to be
> > larger than most hard drives.
>
> It may seem that way, but if you think about it... cryptographic algorithms
> are usually /tiny/ pieces of code.  Often less than 1k of object code but
> even if it's 5k that's still only 5MB for 1000 of 'em... a lot smaller than
> MS Word or other such.  And besides, algorithms could be linked in dynamically
> at run-time.

How large are the S-Boxes for DES and CAST?  And what if 500 of the
algorithms are simply variants of the above with different s-boxes?  You
also need key setup, which seems to be different for each algorithm.

Linking them in dynamically doesn't shrink them, it simply scatters them
among 500 DLLs or one giant DLL, and if the only use of that DLL is for
PGP, it may as well be in the binary.

I have shared libraries for SSLeay and have taken to converting my crypto
code to use that instead, and even did the SSL for lynx in a generic proxy
(works with GNUscape for emacs too), which ends up around 20K under Linux
i386 for a full SSL server and client proxy that handles certificates.  Of
course PGP doesn't use any existing library for these functions, and
Netscape has its own internal Crypto and Bignums to do SSL, and the OS
internal stuff has another one... 

--- reply to tzeruch - at - ceddec - dot - com ---