FUD about CGD and GBDE

Poul-Henning Kamp phk at phk.freebsd.dk
Fri Mar 4 07:39:48 GMT 2005


In message <87bra0grwe.fsf at snark.piermont.com>, "Perry E. Metzger" writes:

>My strong suggestion for you is that you adopt a similar approach --
>build a good framework that, given good algorithms, will provide
>security, and make it easy for users to change over if an algorithm
>falls.

If you actually look at GBDE, you will see that any and all of the
algorithms can be changed.  They are used only in their most basic
capability.  This was part of the design from the start: not to
rely on any single-source algorithm.

>Well, so is stock AES 256. I don't see why I should assume your
>construction is any better. What do you know that the NIST/NSA review
>of AES did not know?

That neither the authors of Rijndael, its reviewers, nor NIST are
willing to offer a 25 year warranty on it.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.


More information about the freebsd-hackers mailing list