On Sun, Mar 18, 2007 at 08:55:33PM +0100, Bram Moolenaar wrote:
> Main issue is that the current encryption is breakable.  We need a
> stronger encryption, which is free to distribute.  We only need one new
> method.

If a strong encryption algorithm is used, the keys may still be the weak
spot.  A plain password will be breakable, but it is convenient and
probably good enough in many cases.  However, if it should be possible
to use for business secrets it may be necessary to allow for the key to
be stored in a separate file.

I see no reason to choose anything other than AES (FIPS-197, Rijndael).
It's probably the most well analyzed block cipher today.  I don't think
it makes any sense to choose a breakable algorithm just to avoid export
restrictions; then it would be just as good to keep the current methods
instead.  It seems better to make sure that the code is developed in a
country with sensible export laws, and not reexported from any country
with unreasonable laws.

Someone mentioned padding - all block ciphers operate on blocks of data,
but the mode of operation used determines whether padding is needed or
not: http://csrc.nist.gov/CryptoToolkit/modes/

Blowfish was mentioned.  It does not use 56-bit keys but it can use up
to 448 bits (56 bytes).  It uses 64-bit blocks.  I don't think there are
any known weaknesses, but I think AES is a better choice (it uses 128-, 192-
or 256-bit keys and a block size of 128 bits).  But as I mentioned, the
difficult thing will be to come up with a good way to handle keys.

It may also be a good idea to use some integrity check.

   Andreas
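
The two key sources and the integrity check raised in the message above, as an added example that is not part of the original message or of Vim's code. PBKDF2-HMAC-SHA256, HMAC-SHA256, the `salt || ciphertext || tag` layout and every function name are assumptions made here; the ciphertext is a constructed stand-in, since the cipher itself is outside this sketch.

```python
import hashlib
import hmac

KEY_LEN, SALT_LEN, TAG_LEN = 32, 16, 32   # 256-bit key, 128-bit salt, HMAC-SHA256 tag
ITERATIONS = 200_000                      # assumed work factor; tune to your hardware

def key_from_password(password: str, salt: bytes) -> bytes:
    """Stretch a password so that every guess costs ITERATIONS hash calls."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt,
                               ITERATIONS, dklen=KEY_LEN)

def key_from_file(path: str) -> bytes:
    """Load a random key kept in a separate file; reject anything not KEY_LEN bytes."""
    with open(path, "rb") as fh:
        key = fh.read()
    if len(key) != KEY_LEN:
        raise ValueError("key file must hold exactly %d bytes" % KEY_LEN)
    return key

def _tag(master: bytes, salt: bytes, ciphertext: bytes) -> bytes:
    # Derive a separate MAC subkey so the cipher key is never reused for the MAC.
    mac_key = hmac.new(master, b"mac" + salt, hashlib.sha256).digest()
    return hmac.new(mac_key, salt + ciphertext, hashlib.sha256).digest()

def seal(master: bytes, salt: bytes, ciphertext: bytes) -> bytes:
    """Return salt || ciphertext || tag; the tag covers the salt and the ciphertext."""
    if len(salt) != SALT_LEN:
        raise ValueError("salt must be %d bytes" % SALT_LEN)
    return salt + ciphertext + _tag(master, salt, ciphertext)

def open_sealed(master: bytes, blob: bytes) -> bytes:
    """Check the tag before anything is decrypted; fail on tampering or a wrong key."""
    if len(blob) < SALT_LEN + TAG_LEN:
        raise ValueError("blob too short")
    salt, body, tag = blob[:SALT_LEN], blob[SALT_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(master, salt, body)):
        raise ValueError("integrity check failed")
    return body

def open_with_password(password: str, blob: bytes) -> bytes:
    """Password path: the salt is read from the blob, then the key is re-derived."""
    return open_sealed(key_from_password(password, blob[:SALT_LEN]), blob)

if __name__ == "__main__":
    import secrets
    salt = secrets.token_bytes(SALT_LEN)
    ciphertext = b"\x8f" * 40             # constructed stand-in for cipher output
    blob = seal(key_from_password("correct horse", salt), salt, ciphertext)
    print(open_with_password("correct horse", blob) == ciphertext)
```

A wrong password and a modified file both surface as the same integrity failure, so the caller learns that the content cannot be trusted before any of it is decrypted.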
