Re: Blowfish still good enough?

Sun, 01 Jan 2006 08:36:50 -0800 

---- Original message ----
>Date: Sun, 01 Jan 2006 10:39:02 +0100
>From: Said Outgajjouft <[EMAIL PROTECTED]>  
>Subject: Re: Blowfish still good enough?  
>To: [email protected]
>
>Travies all crypto is breakable. The only demand on crypto is how long
>in takes to break it. If it takes more than 5 years the military usually
>thing its safe enough to use. Why, because after 5 years the information
>is usually out of data.
>
>But since you withhold so sensitive data I suggest you burn it up and only
>remember it in your head than it should be safe enough for you.
>
>Time after time you state you dont know anything about programming and
>crypto still you bitch how the OpenBSD developer should develop the system.
>If you dont like the way they have done it why dont you just send diffs
>and correct their terrible mistakes. As the slogan goes for whiners on misc
>SHUT UP AND CODE which you should know as an historian because you only
>need to check past posts on the misc list .
>
>But I guess a philosopher you will argue what SHUT UP really means and
>we will see a flood of post about that on misc to.
>

LOL!

i agree that travers doesn't make a good case for why support for additional
ciphers should be added. it would, however, be nice to be able to select from a
number of ciphers for encrypted file system support via vnconfig. again, you've
made a good point: somebody has to SHUT UP AND CODE to get this done. this won't
be me doing this, but i'm just saying it would be nice to see even though i'm
totally confident in the safety of blowfish.

the main point that travers has made in several of his emails (besides the key
point that "he doesn't know what he's talking about") is that the block size of
64 bits worries him. since, AFAIK, blowfish is even less brute-forceable than
the rijndael competitors due to the key scheduling algorithm and design
considerations related to it, i assume travers' concern is vulnerability to
cryptanalytic attacks. is there a correlation between cryptanalytic
vulnerability and block size?

Reply via email to