Re: loop-AES supported ciphers

Jari Ruusu wrote:

> > > So many people have asked about more ciphers for loop-AES that next release
> > > may have additional extra-ciphers package with at least serpent, blowfish
> > > and twofish ciphers.

> It is going to be add-on package (a separate tarball). Loop-AES core will
> remain AES only. One of the reasons is that loop-AES supports old 2.0
> kernels, but externally loaded ciphers only work with 2.2 and later kernels
> only.

Externally loaded ciphers may also be a security weakness. 

I'd suggest aiming at just AES plus Serpent and Twofish, the other two AES
finalists with good licenses. They all operate on 128-bit blocks with 128,
192 or 256-bit keys (AES contest requirements). Much of the existing code
for them was written with a common interface for AES testing. It should be 
straightforward to use these three interchangeably.

Then make them all compile-time options, not externally loaded.

Methinks Blowfish is pointless. It is a good cipher, but not a good fit
for this application. It operates on 64-bit blocks and was not an AES
candidate, so adding it would complicate the interface considerably.

The Blowfish designer, Schneier, was on the Twofish team. I suspect he'd
tell you to use Twofish, not its predecessor.
-
Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/


