Hi,
because Twofish is one of most promising candidates for AES, I'd like
to have an OpenPGP algorithm identifier. This enables us to put
Twofish into the preferences of newly created keys - with the
advantage that a user has no need to edit her preferences when we
actually have a Twofish implementation.
Current assignment is:
0 - Plaintext or unencrypted data
1 - IDEA [IDEA]
2 - Triple-DES (DES-EDE, as per spec -
168 bit key derived from 192)
3 - CAST5 (128 bit key, as per RFC 2144)
4 - Blowfish (128 bit key, 16 rounds) [BLOWFISH]
5 - SAFER-SK128 (13 rounds) [SAFER]
6 - Reserved for DES/SK
7 - Reserved for AES with 128-bit key
8 - Reserved for AES with 192-bit key
9 - Reserved for AES with 256-bit key
So what about 10 (or replace 6) for Twofish with 128 bit key; it may
also be a good idea not to specify the used keysize at all.
I further suggested to add a way to specifiy the keysize; this can
be done without much hassle in the encoded session key or calculated
from the length of the symmetrically encrypted data packet.
We should use a new packet version number for this and also add a
way to specifiy whether and how the encrypted data is MACed.
Werner