On Thu, May 26, 2016 at 2:49 PM, Stephan Mueller <smueller@xxxxxxxxxx> wrote:

> Then, the use of the DRBG offers users to choose between a Hash/HMAC and CTR
> implementation to suit their needs. The DRBG code is agnostic of the
> underlying cipher. So, you could even use Blowfish instead of AES or Whirlpool
> instead of SHA -- these changes are just one entry in drbg_cores[] away
> without any code change.

Not Blowfish in anything like the code you describe! It has only 64-bit blocks, which might or might not be a problem, but it also has an extremely expensive key schedule, which would be awful if you want to rekey often.

I'd say if you want a block cipher there, you can quite safely restrict the interface to ciphers with the same block & key sizes as AES. Implement AES and one of the other finalists (I'd pick Serpent) to test, and others can add the remaining finalists or national standards like Korean ARIA or the Japanese one if they want them.
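The rekeying cost the reply points at comes from the CTR_DRBG update step of SP 800-90A, which derives a fresh key on every update, and every generate request ends with an update. The following is an added example, not code from this thread or from the kernel DRBG: it runs the CTR_DRBG_Update logic over a constructed stand-in block cipher (a keyed hash truncated to the block size, not a real cipher) so that block calls and key schedules per update can be compared for AES-sized and Blowfish-sized parameters.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class ToyBlockCipher:
    """Constructed stand-in for a block cipher: a keyed hash truncated to
    block_len bytes. NOT a real cipher; it only lets the DRBG update logic
    run offline while counting key schedules and block encryptions."""
    block_len: int            # block size in bytes (AES: 16, Blowfish: 8)
    key_len: int              # key size in bytes (AES-128: 16, Blowfish max: 56)
    key_schedules: int = 0    # how many times a key was (re)scheduled
    block_calls: int = 0      # how many single-block encryptions were done

    def set_key(self, key: bytes) -> None:
        assert len(key) == self.key_len
        self._key = key
        self.key_schedules += 1   # a real cipher would expand round keys here

    def encrypt_block(self, block: bytes) -> bytes:
        assert len(block) == self.block_len
        self.block_calls += 1
        return hashlib.sha256(self._key + block).digest()[: self.block_len]


def ctr_drbg_update(cipher, provided_data: bytes, key: bytes, v: bytes):
    """CTR_DRBG_Update (SP 800-90A): encrypt successive counter values under
    the current key until seedlen = keylen + blocklen bytes are produced,
    XOR in provided_data, and split the result into the new Key and V.
    Because Key changes, the cipher must be rescheduled on every update."""
    seedlen = cipher.key_len + cipher.block_len
    assert len(provided_data) == seedlen
    cipher.set_key(key)
    temp = b""
    while len(temp) < seedlen:
        # V = (V + 1) mod 2^blocklen, big-endian, as the standard specifies
        counter = (int.from_bytes(v, "big") + 1) % (1 << (8 * cipher.block_len))
        v = counter.to_bytes(cipher.block_len, "big")
        temp += cipher.encrypt_block(v)
    temp = bytes(a ^ b for a, b in zip(temp[:seedlen], provided_data))
    return temp[: cipher.key_len], temp[cipher.key_len:]


def update_cost(block_len: int, key_len: int, n_updates: int):
    """Run n_updates updates from an all-zero state with no additional input
    and return (key schedules, block encryptions) the cipher had to perform."""
    cipher = ToyBlockCipher(block_len, key_len)
    key, v = bytes(key_len), bytes(block_len)
    zero_input = bytes(key_len + block_len)  # provided_data when no additional input
    for _ in range(n_updates):
        key, v = ctr_drbg_update(cipher, zero_input, key, v)
    return cipher.key_schedules, cipher.block_calls
```

With AES-128 parameters an update costs 2 block encryptions plus one key schedule; with a 64-bit block and a 448-bit key it costs 8 block encryptions plus one key schedule, and the latter is the part Blowfish makes expensive.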