Ted Unangst wrote:
> On 12/31/05, Travers Buda <[EMAIL PROTECTED]> wrote:
> 
>>The Nazis thought their Enigma machine was perfect.
> 
> 
> Do you know why Enigma was broken?  Primarily because the operators
> didn't follow procedure and made a series of other mistakes ("This
> doesn't seem too important").  As is typical, the problem was not with
> the crypto, it was with the idiots using it.

Related to the Enigma:
They had to write "Heil Hitler" or "HH" at the end of every message.
So it's a neat example for a known-plaintext attack. :-))

Related to svnds:
Yes, OpenBSD uses Blowfish, and yes, it is secure, and YES, it could be blf
with 448 bits. But OpenBSD uses (as far as I know) just 128 bits.

Blowfish is secure, but Twofish is faster and as secure as Blowfish.
At least if there are some quant. computers, 128 bits will not save ya day
anymore.
The question is not "Is Blowfish still secure enough?"
It is more: Why can't the user choose how strongly the data will get
encrypted?

An ideal algorithm for user accounts would be secure and slow as hell.
But then such an algorithm would just be useful to protect the
user passwords....

Blowfish is a good compromise, but Twofish would indeed also be neat
because it's faster (important for data encryption) in software than
AES (Rijndael).

And if I'm allowed to "wish" for something for next x-mas:
A better solution to encrypt whole disks would be nice.
Maybe also using the AES engine from the VIA CPUs for this job.
Or just a way to encrypt the disks where I could choose some parameters
of the algorithm (bits, rounds...)...

FreeBSD has a nice way (geom) to encrypt whole disks (just from the
point of view of usability).

Kind regards,
Sebastian

p.s.
Bruce Schneier wouldn't develop an algorithm if he still thought
that Blowfish (an algorithm from 1993 and published 1994) would still
be the best choice for the next 10-30 years.
