OK. So what you are saying is that Twofish is 16 bytes and SHA-1 uses 20
bytes. But I thought SHA1 is a hashing algorithm used by the MAC protocol
for data integrity, whereas Twofish is a cipher used for encryption. Do they
not have different uses?
regards,
Gordon
-----Original Message-----
From: Markus Friedl [mailto:[EMAIL PROTECTED]]
Sent: Sunday, November 26, 2000 9:59 AM
To: Gordon Fritsch
Cc: '[EMAIL PROTECTED]'
Subject: Re: Twofish in OpenSSH
On Thu, Nov 23, 2000 at 05:06:29PM -0800, Gordon Fritsch wrote:
> Does anyone know why the Twofish cipher is not included in the OpenSSH
> distribution? I have seen Twofish used in some of the SSH commercial
> implementations, but was wondering why it is not included in the open
> source?
because OpenSSL does not include twofish.
why do you need twofish? SSH-2 currently supplies
an entrophy of at most 20 bytes because of the
usage of SHA-1.
