On Oct 10, 2013, at 4:49 PM, Giles Coochey <gi...@coochey.net> wrote:
> On 10/10/2013 15:04, Chris Bagnall wrote: >> What made you change from AES to Blowfish, and is there any evidence to >> suggest that Blowfish is more 'secure' than AES? >> > My understanding is that AES was championed by an agency which has received > recent bad-press.;-) This is not an answer. > Blowfish was a contender to actually become AES wasn't it? yes, but even Bruce Schneier, Blowfish's creator, is quoted in 2007 as saying "At this point, though, I'm amazed it's still being used. If people ask, I recommend Twofish instead.' https://www.computerworld.com.au/article/46254/bruce_almighty_schneier_preaches_security_linux_faithful/ > I agree that I might see better performance with AES as it is supported in > hardware by many chipsets, and when selected all the contenders marked AES as > second best (after their own submissions of course...). I'm not saying it is > insecure, I'm just weary of the following: <non-technical reasons> > Is there any mechanism to insert ciphers into Pfsense that are not currently > supported? You have the source code. I, for one, am uninterested in non standards-compliant (and thus interoperable) implementations. jim _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
