5) I chose OpenSSL's Blowfish because it's fast, simple, and (through CFB mode and stored IV/count) can encrypt/decrypt arbitrary-sized blocks, and thus doesn't have that annoying n-byte granularity. Can I use OpenSSL's BF with confidence? What constraints should I observe?
You could avoid this problem by using the SHA1 hash (or MD5 hash) of your ASCII key as the Blowfish key. This would avoid the problem you're referring to since the hashes for 'fred' and 'fredfred' would be different.
-- Jon Bright Lead Programmer, Silicon Circus Ltd. http://www.siliconcircus.com
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
