List Archive: gentoo-security
Note: Due to technical difficulties, the Archives are currently not up to date.
provides an alternative service for most mailing lists.c.f. bug 424647
Hello Florian :)
Florian Philipp wrote:
> I just did some benchmarking on different ciphers for cryptsetup-luks
I have not done benchmarks on my own, and cannot say if your method is a
good one. What I've read is, that AES(Rijndael)-implementations have
been optimized a lot on all platforms. The last test I've read said,
that the Linux AES (Rijndael) implementation is fastest (compared with
others in its class) at 128 bit, while at 256 bit Blowfish is faster
than AES (Rijndael). (This will most certainly differ on other platforms!)
> Do you think keysize is more important than choosing a cipher which
> made it further in the AES-contest and therefore using Anubis with
> 320bit would be a better choice than AES or Twofish with 256bit?
> Might it even be an advantage because less people try to brake Anubis
> than AES (although it bears some similarity with AES and might be
> vulnerable to the same attacks)?
From what I've read, it is most important to use a well understood and
heavily reviewed algorithm. That also means, that it is good, if lots of
people have tried to break it.
> And if I need a faster cipher, do you think Blowfish with 64bit keys
> is save for the next 3 years?
I think you should stick to Rijndael-128 or Blowfish-256 - they are well
optimized for your computer, heavily analyzed by crypto-experts and
provide both the cryptographic strength against most attackers for the
next few years (say the crypto-experts, to whom I do not belong).
use PGP key @ http://pgpkeys.pca.dfn.de/pks/lookup?search=0xBB9D4887&op=get
# gpg --recv-keys --keyserver hkp://subkeys.pgp.net 0xBB9D4887