-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thursday 13 December 2001 12:56, Newsmail wrote:
> hello everybody, I'm quite new in encryption, but I want to encrypt
> some complete partitions on my pc. actually I see many cipher types I
> can use, but I dont know which one to choose. I heard that 3des is
> very slow, cpu intensive cipher.
<snip>
The question boils down to twofish, blowfish, serpent and aes.
blowfish is fast and has quite a long track record. I'd use it if it
wasn't for the 64bit blocksize. In fact, I do use it ;-)
The blocksize isn't an issue if you enrypt only modest volumes of data
under a single key (like you should!) Several hundred MB are OK. But
don't go beyond 2 or 3 GB.
serpent is quite fast (but more because the implementation is fast and
the others aren't) and considered very secure. It's a 128bit block
cipher so you don't need to think about upper limits on data encrypted
under a single key.
twofish is not quite as fast, but deemed trustworthy and secure by
experts in the field. It's also 128bit. Bruce Schneier fans would use
this (or blowfish).
I don't know much about the speed of aes, but obviously it's the
standard cipher nowadays and chosen by NIST although it isn't a US
product ;-) So either it has some design flaws that NSA knows about and
the rest of the world doesn't or it is so secure that even NSA didn't
find a hole ;-) Anyway, I'd be careful with this one, but mostly
because I don't know anything about the quality of the implementation.
As I said earlier, I've used blowfish all over and it never failed me...
But beware of the size limitations.
Marc
- --
If privacy is outlawed, only outlaws will have privacy.
-- Phil Zimmermann
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE8GKiA3oWD+L2/6DgRAhTFAJ9+N6tAHsYgrVO8G6rLlCpOA7h+LACePxtf
NUgMJ5l/ClVaV7NskJXFJ0Q=
=RLDz
-----END PGP SIGNATURE-----
-
Linux-crypto: cryptography in and on the Linux system
Archive: http://mail.nl.linux.org/linux-crypto/
