Whoa! That's a rather complete answer... ;)
Although I would warn that some of the "cryptographically strong" schemes have
been shown to have some weak keys, i.e. I think IDEA has some weak keys. From
what I'm aware, RC5 with 16 rounds does not (so I'm a fan).
As far as stream ciphers go, could you just use a block cipher with an 8 bit
block size, and some form of cipher block chaining as a stream cipher? I realise
8 bit sounds a bit (ok, a lot) low, but CBC does help. Maybe the stream could
start with a random word (you know, like Unix salting).
David
Mike Sheldon wrote:
>
> >>Care to suggest a few? I've seen several, but I'm not sure how to evaluate
> them.
>
> The trick is, there's no way you or I can adequately evaluate an encryption
> algorithm for anything but speed. Therefore, you need to choose algorithms
> that have been tested by cryptanalysis experts (which is why public
> algorithms are so important).
>
> All information below has been at least partially obtained from "Applied
> Cryptography" by Bruce Schneier. The book includes C source-code for several
> algorithms, including Blowfish, DES and IDEA. Highly reccommended if you
> have any interest in cryptography.
>
> For Hashes:
> MD5 is still the standard almost everyone uses, though SHA and RIPE-MD are
> probably more secure.
>
> For Symmetric-Key Block Ciphers:
> I like using Blowfish, it's public domain, and quite fast on 32-bit
> processors. It has been used in a few commercial products.
> The TwoFish algorithm is showing a lot of promise in the competition for
> replacement of DES as the US Government standard. Other than that, I don't
> know much about it.
> IDEA is also a strong public cipher, it just never seemed to gain much
> popularity. I'd be very comfortable using it.
> Three-round DES is still fine for most uses, and has the advantage of being
> available in public libraries. Single-round DES should not be used for
> anything more valuable than your favorite cookie recipe.
>
> For Symmetric-Key Stream Ciphers:
> Stream ciphers are notably less secure than block ciphers, and are
> generally only recommended for things like real-time streaming of data where
> encrypting a "block" at a time is not practical (IE: hardware
> implementations of "scramblers" for radio, etc...).
> RC4 is commonly used, though it is not truly public, and use of it might
> get you into conflict with RSA Data Security.
> All the other stream ciphers I've seen are described as highly insecure.
> Remember that these algorithms are not designed for "stored" information
> where an attacker would have time to break it.
>
> Assymetric-Key Ciphers, AKA Public-Key:
> RSA and DSA are the current heavyweights, though elliptic curve algorithms
> show a lot of promise. However, these are quite complex, and you'd best have
> a thorough understanding of cryptography if you are going to write your own
> implementation. Using PGP or GPG is probably the most practical way of using
> public-key cryptography.
>
> Michael J. Sheldon
> Internet Applications Developer
> Phone: 480.699.1084
> http://www.desertraven.com/
> PGP Key Available on Request
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
