[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Crypto algorithms for IKEv2

To: ipsec@lists.tislabs.com
Subject: Re: Crypto algorithms for IKEv2
From: daw@mozart.cs.berkeley.edu (David Wagner)
Date: 29 Apr 2003 16:57:31 GMT
Distribution: isaac
Newsgroups: isaac.lists.ipsec
Organization: University of California, Berkeley
References: <p0521060cbad316b2792a@[63.202.92.152]> <000001c30de3$902b4d00$0300a8c0@riverside>
Sender: owner-ipsec@lists.tislabs.com

Jimmy Zhang wrote:
>How about TWOFISH ?

No, please.  Stick to AES and Triple-DES; they are very fine algorithms.

My strong advice is to use AES, not Twofish.  There's nothing wrong with
Twofish -- I'm pleased with the design and how it has held up -- but I
think AES is clearly the right choice over Twofish.  AES was selected
for the standard over all other competitors, and I think, rightly so.
Most importantly, AES is receiving far more scrutiny than Twofish.
This gives a powerful reason to prefer AES over Twofish (or any of the
other finalists, including Serpent, for that matter).

I prefer to view Twofish as deprecated these days and to encourage people
to use AES instead, unless there is some special requirement that makes
AES unsuitable.

Full disclosure: I was a co-designer of Twofish, so I'm probably biased.

References:
- Crypto algorithms for IKEv2
  - From: Paul Hoffman / VPNC <paul.hoffman@vpnc.org>
- RE: Crypto algorithms for IKEv2
  - From: "Jimmy Zhang" <jzhang@elmic.com>

Prev by Date: Re: Question on inbound IPSEC policy check
Next by Date: Re: Crypto algorithms for IKEv2
Prev by thread: RE: Crypto algorithms for IKEv2
Next by thread: Re: Crypto algorithms for IKEv2
Index(es):
- Date
- Thread