One problem we have (which was discussed a while back on this list) is
that our algorithm identifiers have no provision for variants. With IDEA
this was not a problem as there was only one IDEA. 3DES is pretty well
standardized on the version we use (EDE). CAST is technically a design
procedure rather than a cipher, and what we call CAST is properly known
as CAST5-128, with several other variations possible.
The newer ciphers we are reserving alg identifiers for also have this
problem. In the case of Blowfish, it can support any key size up to
some maximum. I think 128 bit keys may be a common implementation.
GOST does not specify the S-boxes so there will be variations on that,
similar to CAST.
AES is planned to support a few different key and block sizes so there will
be at least two or three variations on that one.
I'm not sure it makes sense to reserve single algorithm identifiers for
these ciphers. Maybe we should just do it as they are implemented.
When someone implements Blowfish with a 128 bit key they get an algorithm
ID for that. If someone else wants to implement a 256 bit key they get a
new identifier. There is probably not a need for a huge spectrum of
variations on any of these functions.
Hal Finney
hal(_at_)pgp(_dot_)com
hal(_at_)rain(_dot_)org