Actually, openssl recommends Blowfish (other AES finalist) because its performance by software encryptation (as Linux is) is much better...
To my knowledge, the OpenSSL Project doesn't recommend any particular cipher.
That is correct. I can reassure subscribers of this list that OpenSSL team does *not* recommend or favors in any other way Blowfish over AES [or anything else]. If somebody makes such recommendations, it's sole liability of that party and not of OpenSSL.
As for software performance, one has to compare apples with apples and not pears, or more specifically compiler-generated code with compiler-generated one and not with hand-coded assembler in this context. If compared fairly, software AES surpasses Blowfish [at least on the platforms I've tested]. As far as x86 platform [such as average Linux desktop] goes, I'd suggest to grab OpenSSL development snapshot and measure it for yourself. Our hand-coded AES implementation outperforms hand-coded Blowfish by 20-30% [varies from one CPU microarchitecture to another] at 128-bit keylength. A.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
