In message <[email protected]> on Sat, 10 Feb 2018 16:58:36 -0500, Viktor Dukhovni <[email protected]> said:
viktor> viktor> viktor> > On Feb 10, 2018, at 4:08 PM, Salz, Rich <[email protected]> wrote: viktor> > viktor> > This is derived from bureau/libcrypto-proposal that Emilila made in November 2015. viktor> > viktor> > We should remove the assembler versions of the following viktor> > Blowfish, cast, des, rc4, rc5, ripemd, whirlpool, md5 viktor> > viktor> > The reason is that they are outdated, not in use very much, and optimization is not important, compared to having a single reference source that we can maintain and debug. viktor> viktor> Is blowfish actually outdated? I thought it had some significant use, viktor> and don't recall any major weakness... For what it's worth, https://en.wikipedia.org/wiki/Blowfish_(cipher) mentions some weaknesses, and also that the author recommends moving away from Blowfish (use Twofish instead, but we haven't implemented that) Cheers, Richard -- Richard Levitte [email protected] OpenSSL Project http://www.openssl.org/~levitte/ _______________________________________________ openssl-project mailing list [email protected] https://mta.openssl.org/mailman/listinfo/openssl-project
