ietf-openpgp
[Top] [All Lists]

Re: Adding GOST as a cipher?

2005-01-21 11:17:12

I'm not happy about adding a cipher with a 64 bit block size in this day
and age.  Putting it into the spec seems to be an implicit endorsement to
some degree.  We took out ElGamal signatures because of the difficulty of
using them securely, and I think we should continue to demand that we only
add algorithms to the spec if they provide acceptable levels of security.

I don't know the details of GOST but it is often called the "Russian
DES" and we certainly wouldn't want to add a DES-strength cipher now.
GOST has a much larger key so it is not quite the same but overall it
seems like an old cipher whose time has passed.

For those who want to use it, would an acceptable alternative be
a short informational RFC which specified an algorithm ID from the
private/experimental range?

Hal


<Prev in Thread] Current Thread [Next in Thread>