Re: I-patch problem statement (update)

[Janusz A. Urbanowicz <alex@bofh.torun.pl>]

Jari Ruusu wrote/napisał[a]/schrieb:
> "Janusz A. Urbanowicz" wrote:
> > What if tomorrow some cryptographer will publish cheap, practical attack
> > on AES? This is unlikely but possible.
> 
> If that happens, loop-twofish is born.

And all users are forced to repatch, recompile, reboot and repent. This is
broken. Algorithm-switch should be possible without such severe system
modification (yes, patching kernel and rebooting may be a problem on
RL productivity servers).

> > I'm impressed with your patch and I intent touse it but in this
> > situation I'm stuck with a weak algorithm. In other crypto applications I
> > can switch to always-safe and well researched 3DES. In your patch I can't do
> > this.
> 
> In previous life, loop-AES used to be loop-TripleDES for years. There was
> nothing wrong with that, except that is was slow. loop-TripleDES was not
> publically available. I made loop-AES publically available after I swithed
> the cipher from 3DES to AES.

Oh, sure. And I have want to use, and have a license for IDEA[1]? Or
blowfish? Or CAST? I do not ask you to include these ciphers. I only say
that it is a very bad idea to hardcode one algorithm you personally think is
best.

[1] I don't need it - here you can't patent algorithms.
-- 
Janusz A. Urbanowicz | ALEX3-RIPE | SF-Framling | Thawte Web Of Trust Notary

Gdy daję biednym chleb, nazywają mnie świętym. Gdy pytam, 
dlaczego biedni nie mają chleba, nazywają mnie komunistą. - abp. Helder Camara

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/