As far as ciphers go, the new US government standard cipher, called AES, will be announced later this year. Whatever cipher we use now, we should probably plan on switching to AES. Information on the ciphers and timetable is available at http://csrc.nist.gov/encryption/aes/.
Five final candidate ciphers have been chosen. Based on discussion on sci.crypt and some communication I have had with the participants, there is no clear front runner. However there is some feeling that a Dutch cipher called Rijndael (pronounced rain-dahl) may have a slight edge, perhaps with a boost to the number of internal data transformation rounds. Rijndael is fast, flexible, and looks strong. At the recent AES3 conference, each submitting team was asked which cipher they would support if their own weren't chosen, and Rijndael was the favorite, according to reports (again, possibly boosting the number of rounds). A poll taken among attendees also put Rijndael in the lead. Nevertheless there are many strong supporters of Twofish, designed by a well known team of American cryptographers, including Bruce Schneier, author of a standard introductory text. Another cipher called Serpent is also popular although it tends to be slow in software. The two remaining ciphers, RC6 and MARS, don't seem to have many backers. Java implementations of all the ciphers are available at the NIST site, although they might require some restructuring to be suitable for our use. Twofish is not a bad choice for now; I'd guess it has maybe a 30-40% chance of being chosen. Rijndael would rank a little higher, Serpent a little lower. I would avoid the non-AES candidates at this point, unless we just want to put something together quickly. Whatever cipher we use, we should design the system to allow a change later. Hal _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
