[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Blowfish still good enough?



On Monday 30 January 2006 00:22, veins wrote:
> Travers Buda wrote:
> >[...]
> >No known weaknesses exist in Blowfish, but that 64 bit block scares
> > me. [...]
>
> Can you explain why it scares you ? I am not a cryptographer but I
> see no reason why a cipher using
> 64 bit block size is scary, all of the attacks I can think of that
> are tied to the block size are still not
> practicable with a 64 bit block size (either they require too much
> memory, too much time or too much
> information). Maybe I am not thinking of something obvious, so please
> correct me if i'm wrong.

> Blowfish has also been scrutinized and analyzed (and for a longer
> time than both Rijndael and Twofish), it
> has proven to be strong and resistant, as well as efficient for most
> needs. Also Rijndael being the standart
> doesn't mean that it is the safest choice at all (not that i'm saying
> its bad, im not a cryptographer), and
> well Twofish sounds cool but why switch from a working solution to
> another one, when there's no real need
> for that time and effort consuming change ?

Yes, this entire thread may be moot. Why fix it if it ain't broken? 
Well, we may not know that it is broken. We can only use our best 
judgement--a matter of opinion sometimes. Ack.

Bruce Schneier designed Blowfish. 
Bruce Schneier designed Twofish to be a sucessor to Blowfish. 

> Blowfish has also been scrutinized and analyzed (and for a longer
> time than both Rijndael and Twofish)

Blowfish may be older, but I think that Twofish has been analyzed more 
than Blowfish due to the NIST competition a few years back. 

> well Twofish sounds cool but why switch from a working solution to
> another one, when there's no real need
> for that time and effort consuming change ?

I agree, Blowfish is just fine in some applications. I don't know if 
it's universal though. OpenBSD uses it almost universally. 

I'm not saying OpenBSD should use Twofish. I'm asking wherether or not 
OpenBSD should use Twofish. 

Sweet dreams,  veins

Travers