On Oct 28, 5:54pm, Jon Callas wrote:
Subject: Symmetric Algorithm
Questions:
There are presently three symmetric algorithms used in PGP. They are IDEA,
Triple-DES, and CAST5.
Ideally, there would be only one MUST algorithm, and the other two are
SHOULD algorithms -- because you lose some compatibility with PGP 5 if you
don't do them, but there are reasons not to do IDEA, for example (it's
patented, and you need a license).
So here are the questions:
(1) Which algorithm is the MUST algorithm?
(2) Should there be more than one MUST algorithm, and if so, which ones?
Please note that arguing for IDEA being a MUST algorithm could lead to the
standard getting bogged down.
(3) Should any remaining algorithms from the original suite be SHOULD or MAY?
(4) What other algorithm(s) do you want to see as MAY algorithms?
I am presently merging my draft of the spec with Lutz's, and will send that
out presently.
My votes:
(1) Triple-DES (because it's less controversial than CAST5).
Personally, I wouldn't mind seeing both Triple-DES and CAST5 as a MUST.
Question: Why is CAST5 controversial? ... insufficient crytanalysis at this
point in time?
(2) No, only one MUST algorithm.
(3) I'd like to see both CAST5 and IDEA as SHOULD algorithms.
(4) I have no preferences, but ones mentioned to me are Blowfish and
SAFER128.
Ok:
1) Triple-DES and CAST5
2) Yes (see above)
3) SHOULD algorithms : IDEA
4) Blowfish
Jon
...
-- End of excerpt from Jon Callas
--
Tony Mione, RUCS/NS, Rutgers University, Hill 055, Piscataway,NJ - 732-445-0650
mione(_at_)nbcs-ns(_dot_)rutgers(_dot_)edu W3:
http://www-ns.rutgers.edu/~mione/
PGP Fingerprint : E2 25 2C CD 28 73 3C 5B 0B 91 8A 4E 22 BA FA 9F
Editorial Advisor for Digital Systems Report ***** Important: John 17:3 *****