On Thu, Sep 27, 2001 at 10:32:09PM +0000, Jonas Larsson wrote:
> For me it seems like either the AES or Twofish crypto with the maximum
> keylength of 256 bits is probably the _most_ secure choise. For me the
> security strength is _much_ more important than the speed of read/write to
> the fs.
>
> Any coments?
How do you measure security? Most cryptographers (and I doubt there are
any on this list) say that time and analysis will increase their trust
in a given algorithm. Neither AES nor Twofish has been around that long.
The venerable and slow old 3DES has, and it has defied all attackers.
IDEA has probably been around long enough to have earned trust. Blowfish
is getting there, if not there already.
Somewhere recently I read a slightly outdated page which described all
the main algorithms in layman's terms, and included plenty of cites of
respected cryptographers' opinions. Sorry, I don't know the URL.
At that time (pre-AES) it definitely did not recommend Rijndael nor
Twofish. However, it did point out that the AES winner would be likely
to receive lots of scrutiny, so in time Rijndael (AES) might be seen as
an excellent choice.
I personally feel more secure even with XOR. :) That's because I don't
see the TLA's as being in a likely threat model for my data. If the move
to outlaw encryption succeeds, I'll certainly want to increase my
encryption strength. Right now I'm blissfully using Blowfish for most
loop containers, but I throw in other algorithms to be different. :)
I definitely believe that the longer keylengths you choose, the better,
no matter what algorithm is employed. But again, this is only a lay
opinion. You should look to places such as counterpane.com (Schneier's
company) for better answers.
Rob - /dev/rob0
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
