[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A little social engineering

Matt Thomas writes:
> [Me too!]  However, at least for me, 16 round RC5 (independent of 
> keysize) is about twice as fast than CAST-128 in software.

RC5 is patented and cannot be used without paying fees to RSADSI.

> >- there's no ESP docs for IDEA, present or on the radar.
> I've thought of writing one but it hasn't been high on my list
> of things I might do.  Given the availability of CAST5-128 and/or
> Blowfish, I don't see a pressing need for IDEA given that it's
> restrictions.  [Of course, one could say the same of RC5.]

Blowfish worries me a bit. Many others have said long before me that
the key scheduling doesn't give one a sense of comfort.

> >Subjectively I think 3DES and CAST-128 are the ones to look at since (a)
> >there's code, (b) there's hardware and (c) there's a low volume of negative
> >cryptographic opinion on them.
> At least in my brief search, I didn't find a CAST-128 implementation

There are a couple out there already, actually, but they are only now
starting to pop their heads over the horizon.

> but it didn't take that long to write one using RFC 2144.  CAST-128 may
> be too new to have much analysis done yet.  I like it but it may be
> premature.

That is my feeling, too. I trust the creators of CAST and like the
methods they employed to create it, and it feels like a good cipher to
me, but I want it beaten on for a few years before I am going to trust
the cipher itself.