On Sun, Mar 18, 2007 at 08:55:33PM +0100, Bram Moolenaar wrote:
> Main issue is that the current encryption is breakable. We need a
> stronger encryption, which is free to distribute. We only need one new
> method.

If a strong encryption algorithm is used, the keys may still be the weak spot. A plain password will be breakable, but it is convenient and probably good enough in many cases. However, if it should be possible to use for business secrets it may be necessary to allow for the key to be stored in a separate file.

I see no reason to choose anything else than AES (FIPS-197, Rijndael). It's probably the most well analyzed block cipher today.

I don't think it makes any sense to choose a breakable algorithm just to avoid export restrictions; then it would be just as good to keep the current methods instead. It seems better to make sure that the code is developed in a country with sensible export laws, and not reexported from any country with unreasonable laws.

Someone mentioned padding - all block ciphers operate on blocks of data, but the mode of operation used determines whether padding is needed or not:

http://csrc.nist.gov/CryptoToolkit/modes/

Blowfish was mentioned. It does not use 56 bit keys but it can use up to 448 bits (56 bytes). It uses 64 bit blocks. I don't think there are any known weaknesses, but I think AES is a better choice (it uses 128, 192 or 256 bit keys and a block size of 128 bits).

But as I mentioned, the difficult thing will be to come up with a good way to handle keys. It may also be a good idea to use some integrity check.

Andreas
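
Added example, not part of the original message or of Vim's code: a Python sketch of three points raised in the message above, namely stretching a password into keys, a counter mode that needs no padding (next to the PKCS#7 padding a CBC-style mode would need), and an integrity check over the stored file. Python's standard library has no AES, so `_block` is an HMAC-SHA256 stand-in for the AES block function; every function name and the salt/nonce/tag layout are assumptions made for illustration.

```python
import hashlib, hmac, os

BLOCK = 16  # AES block size in bytes (128 bits)

def derive_keys(password: bytes, salt: bytes, iterations: int = 100_000):
    """Stretch a password into separate encryption and MAC keys (PBKDF2-HMAC-SHA256)."""
    material = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=64)
    return material[:32], material[32:]

def pkcs7_pad(data: bytes) -> bytes:
    """Padding a CBC/ECB-style mode needs: always adds 1..BLOCK bytes."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def _block(key: bytes, nonce: bytes, counter: int) -> bytes:
    # Assumption: stand-in for AES_encrypt(key, nonce || counter); a PRF, not AES.
    msg = nonce + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK]

def ctr_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Counter mode: XOR data with a keystream, so output length == input length."""
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        keystream = _block(key, nonce, i // BLOCK)
        # zip() stops at the shorter input, so a short last block needs no padding
        out += bytes(a ^ b for a, b in zip(data[i:i + BLOCK], keystream))
    return bytes(out)

def seal(password: bytes, plaintext: bytes) -> bytes:
    """Layout (assumed): salt(16) | nonce(8) | ciphertext | HMAC tag(32)."""
    salt, nonce = os.urandom(16), os.urandom(8)
    enc_key, mac_key = derive_keys(password, salt)
    body = salt + nonce + ctr_xor(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def open_sealed(password: bytes, blob: bytes) -> bytes:
    body, tag = blob[:-32], blob[-32:]
    salt, nonce, ciphertext = body[:16], body[16:24], body[24:]
    enc_key, mac_key = derive_keys(password, salt)
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    # Verify before decrypting; constant-time comparison avoids a timing oracle
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed: wrong key or modified file")
    return ctr_xor(enc_key, nonce, ciphertext)
```

The same `seal`/`open_sealed` pair works with a key read from a separate file by skipping `derive_keys` and splitting 64 random bytes from that file into the two keys.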