-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Aug 26, 2010, at 2:02 PM, Christoph Anton Mitterer wrote:
Hi.
Have it ever been considered to add SERPENT to OpenPGP?
AFAIK it's free/patent-unencumbered,... and IIRC the AES process, it was
considered to be even more secure than Rijndael.... of course it's
probably far less analysed than the later.
OpenPGP has Twofish, for which pretty much all the same things can be said. If
you don't like AES, you should likely be using Twofish or Serpent. OpenPGP
happens to have Twofish in it.
If you wanted to write an RFC for Serpent, go for it. Look at the one for
Camillia as a guide and plagiarize all that you need.
Another issue, which comes just in my mind.... would it make sense to
add support for stacked encryption?
I mean, having a literal packet encrypted with a symmetrically encrypted
data packet say with cipher A, which in turn is encrypted with another
symmetrically encrypted data packet say with cipher B.
Of course the session key packet would have to be large enough to
provide key material for both.
What problem are you trying to solve? People have done that before. You could
build this up in an only slightly klugy manner with existing OpenPGP
components.
Jon
-----BEGIN PGP SIGNATURE-----
Version: PGP Universal 2.10.0 (Build 554)
Charset: us-ascii
wj8DBQFMduKXsTedWZOD3gYRAhLDAJ4hAZ09zSm2dx9GXhYZfaY2WD/zrwCgxErW
fi1e0+HmQ5pWwSevaRp7GuA=
=Fb4X
-----END PGP SIGNATURE-----