Re: I-patch problem statement (update)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jari Ruusu wrote:
> > Is AES the only cipher worthy enough to be used ?
> 
> How many ciphers does one need? One good one will fill most peoples' needs.

What if tomorrow some cryptographer publishes a cheap, practical attack on
AES? This is unlikely but possible.

I'm impressed with your patch and I intend to use it, but in this
situation I'm stuck with a weak algorithm. In other crypto applications I
can switch to always-safe and well researched 3DES. In your patch I can't do
this.

> > Is it better to have aes_set_key, des_set_key, and probably quite a few others
> > rather than:
> > 
> > struct crypto_ctx *ctx = crypto_newctx("aes");
> > crypto_setkey(ctx, "blahblah");
> > crypto_encrypt(ctx, dest, src, len);
> > ?
> 
> Above code is AES specific (since you hardcoded the string "aes"), so yes.
> :-)
> 
> Using low-level functions (aes_set_key(), aes_encrypt(), and aes_decrypt())
> directly gives programmer more flexibility over block chaining and
> initialization issues. It would be silly to expect crypto_encrypt() to
> support all possible weirdo setups. Operation of aes_encrypt() will not
> change. Code calling aes_encrypt() may change to adapt to different
> situations: running in Linux kernel, userspace, or other operating systems,
> whatever.

Change of cipher algorithm is not a 'weirdo setup requirement'.

Alex
- -- 
Janusz A. Urbanowicz | ALEX3-RIPE | SF-Framling | Thawte Web Of Trust Notary

When I give bread to the poor, they call me a saint. When I ask
why the poor have no bread, they call me a communist. - Abp. Helder Camara
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Dalsze informacje znajdują się na http://www.gnupg.org/

iEYEARECAAYFAjuX3X8ACgkQTfkBjn4ugD23SwCgs5JO+kubPuR+zcWnUWGRAu+w
3K0An2UDvpT9OzlO4hk3/zqYiJo5ptMG
=07rm
-----END PGP SIGNATURE-----

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/
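The cipher-agnostic API sketched in the quoted reply (crypto_newctx / crypto_setkey / crypto_encrypt) can be built as a table of cipher descriptors looked up by name, so that changing the algorithm is a one-string change in the caller. The following C program is an added illustration of that design; it is not code from either poster or from the I-patch. Everything in it is assumed: the registry names "demo-8" and "demo-16", the placeholder cipher bodies (XOR with the key plus a byte rotation, invertible but in no way secure, standing in for AES or 3DES), the choice of CBC with an explicit IV in the generic layer, and the extra crypto_decrypt / crypto_freectx calls. The per-block function pointers stay reachable for callers that need a chaining mode the generic layer does not offer, which is the flexibility the reply asks for.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_KEY   32
#define MAX_BLOCK 16

typedef struct crypto_ctx crypto_ctx;
/* One registry entry per algorithm; callers only ever see the crypto_ctx handle. */
typedef struct {
    const char *name;
    size_t block_size;
    int  (*set_key)(crypto_ctx *c, const uint8_t *key, size_t keylen);
    void (*encrypt)(crypto_ctx *c, uint8_t *dst, const uint8_t *src);  /* one block */
    void (*decrypt)(crypto_ctx *c, uint8_t *dst, const uint8_t *src);  /* one block */
} crypto_cipher;
struct crypto_ctx { const crypto_cipher *cipher; uint8_t key[MAX_KEY]; size_t keylen; };

/* Constructed placeholder cipher (XOR with key, rotate block left one byte): invertible
 * but NOT secure. It only stands in for AES/3DES so the example runs offline. */
static int demo_set_key(crypto_ctx *c, const uint8_t *key, size_t keylen) {
    if (keylen == 0 || keylen > MAX_KEY) return -1;
    memcpy(c->key, key, keylen); c->keylen = keylen;
    return 0;
}
static void demo_encrypt(crypto_ctx *c, uint8_t *dst, const uint8_t *src) {
    size_t n = c->cipher->block_size; uint8_t t[MAX_BLOCK];
    for (size_t i = 0; i < n; i++) t[(i + n - 1) % n] = src[i] ^ c->key[i % c->keylen];
    memcpy(dst, t, n);
}
static void demo_decrypt(crypto_ctx *c, uint8_t *dst, const uint8_t *src) {
    size_t n = c->cipher->block_size; uint8_t t[MAX_BLOCK];
    for (size_t i = 0; i < n; i++) t[i] = src[(i + n - 1) % n] ^ c->key[i % c->keylen];
    memcpy(dst, t, n);
}
/* Two block sizes registered under different (assumed) names, mimicking a table that
 * would hold e.g. a 16-byte-block cipher and an 8-byte-block cipher. */
static const crypto_cipher registry[] = {
    { "demo-8",  8,  demo_set_key, demo_encrypt, demo_decrypt },
    { "demo-16", 16, demo_set_key, demo_encrypt, demo_decrypt },
};

/* NULL means "algorithm not built in"; callers must fail, not fall back silently. */
crypto_ctx *crypto_newctx(const char *name) {
    for (size_t i = 0; i < sizeof registry / sizeof registry[0]; i++)
        if (strcmp(registry[i].name, name) == 0) {
            crypto_ctx *c = calloc(1, sizeof *c);
            if (c) c->cipher = &registry[i];
            return c;
        }
    return NULL;
}
int crypto_setkey(crypto_ctx *c, const uint8_t *key, size_t keylen) {
    return c->cipher->set_key(c, key, keylen);
}
/* CBC over whole blocks, using the block size the chosen cipher reports. Returns -1
 * when len is not a block multiple: the generic layer refuses instead of guessing padding. */
int crypto_encrypt(crypto_ctx *c, const uint8_t *iv, uint8_t *dst, const uint8_t *src, size_t len) {
    size_t bs = c->cipher->block_size; uint8_t chain[MAX_BLOCK], blk[MAX_BLOCK];
    if (len % bs) return -1;
    memcpy(chain, iv, bs);
    for (size_t off = 0; off < len; off += bs) {
        for (size_t i = 0; i < bs; i++) blk[i] = src[off + i] ^ chain[i];
        c->cipher->encrypt(c, dst + off, blk);
        memcpy(chain, dst + off, bs);
    }
    return 0;
}
int crypto_decrypt(crypto_ctx *c, const uint8_t *iv, uint8_t *dst, const uint8_t *src, size_t len) {
    size_t bs = c->cipher->block_size; uint8_t chain[MAX_BLOCK], cur[MAX_BLOCK], blk[MAX_BLOCK];
    if (len % bs) return -1;
    memcpy(chain, iv, bs);
    for (size_t off = 0; off < len; off += bs) {
        memcpy(cur, src + off, bs);               /* keep ciphertext: dst may alias src */
        c->cipher->decrypt(c, blk, cur);
        for (size_t i = 0; i < bs; i++) dst[off + i] = blk[i] ^ chain[i];
        memcpy(chain, cur, bs);
    }
    return 0;
}
void crypto_freectx(crypto_ctx *c) { if (c) { memset(c, 0, sizeof *c); free(c); } }

/* Round-trip 32 constructed bytes through the named cipher: 1 on success, 0 if the
 * name is unknown or the plaintext does not survive encrypt -> decrypt. */
int roundtrip_ok(const char *name) {
    static const uint8_t key[] = "constructed-demo-key", iv[MAX_BLOCK] = {0};
    uint8_t pt[32], ct[32], out[32];
    for (int i = 0; i < 32; i++) pt[i] = (uint8_t)i;
    crypto_ctx *c = crypto_newctx(name);
    if (!c) return 0;
    int ok = crypto_setkey(c, key, sizeof key - 1) == 0
          && crypto_encrypt(c, iv, ct, pt, sizeof pt) == 0 && memcmp(ct, pt, 32) != 0
          && crypto_decrypt(c, iv, out, ct, sizeof ct) == 0 && memcmp(out, pt, 32) == 0;
    crypto_freectx(c);
    return ok;
}

int main(void) {
    const char *names[] = { "demo-8", "demo-16", "aes" };   /* "aes" is not registered here */
    for (size_t i = 0; i < 3; i++)
        printf("%-8s %s\n", names[i], roundtrip_ok(names[i]) ? "round-trip ok" : "not available");
    return 0;
}
```

The caller in roundtrip_ok never refers to a block size or a key schedule of its own; it learns both from the descriptor it was handed, which is why the same code path works for the 8-byte and the 16-byte placeholder. A name that is not in the table yields NULL, so a build without a given cipher fails loudly at context creation rather than at the first encrypt call.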