On Thu, 29 Dec 2005, Travers Buda wrote: > The key schedule in both is _much_ faster than Blowfish.
That is not a feature, at least not in the contexts where we use blowfish most. > The password file and > others would require the use of salts in order to resist dictionary attacks, > especially of the time-space trade-off variety. guess what? We have used long salts with Blowfish passwords since at least 1999. http://www.openbsd.org/papers/bcrypt-paper.ps If there is a use of Blowfish in OpenBSD that you think is inappropriate then please send diffs. -d
