On Tue, Jan 03, 2006 at 11:40:26PM +0100, Sebastian Rother wrote:
> Yes OpenBSD uses Blowfish and yes it is secure and YES it could be blf
> with 448Bit. But OpenBSD uses (as far as I know) just 128Bit.

This is not true, vnconfig does read a maximum of 128 bytes (1024bit) and
the key cannot be larger than that.
You can easily follow the function calls until it gets into blf_key().
blowfish(3) says that "The block size is 64 bits and the maximum key
size is 448 bits."


> Blowfish is secure but Twofish is faster and as secure as Blowfish.
> At least if there are some quant. computers 128Bit will not save ya day
> anymore.
> The question is not "Is blowfish still secure enough".
> It is more: Why can't the user choose how strong the data will get
> encrypted?

manpower?

> 
> An ideal algorithm for user-accounts would be secure and slow as hell.
> But then such an algorithm would just be useful to protect the
> user-passwords....
> 
> Blowfish is a good compromise but Twofish would be indeed also neat too
> because it's faster (important for data-encryption) in software than
> AES (Rijndael).

I have Truecrypt on a windows box. The benchmarks of this app
show that blowfish is faster than all the others on my computer.
As far as I can remember, it supports blowfish, twofish, aes and some
others. Have a look into it :)

> 
> And if I'm allowed to "wish" for something for next x-mas:
> A better solution to encrypt whole disks would be nice.
> Maybe also using the AES-Engine from the VIA CPUs for this job.
> Or just a way to encrypt the disks where I could choose some parameters
> of the algorithm (Bits, Rounds..)...
> 
> FreeBSD has a nice way (geom) to encrypt whole disks (just from the
> point of the usability).
> 
> Kind regards,
> Sebastian
> 
> p.s.
> Bruce Schneier wouldn't develop an algorithm if he would still think
> that Blowfish (an algorithm from 1993 and published 1994) would still
> be the best choice for the next 10-30 years.
> 

As far as I know there were certain design criteria (for example 128 bit
blocksize, hardware implementation and such stuff). And twofish does
not sound very much like a completely new thing to me?

Maybe someone should ask him why he did not say anything on his website
that blowfish is "insecure"? I mean, he also said that md5 and sha-1
are insecure, so why does he not do the same thing for blowfish?

Something else I would like to add. The real winner (in security) of
the NIST contest was serpent. Serpent can be implemented very well
in hardware, but does not perform well in software. The Linux
kernel has support for it and I used it some time, but it is really slow.
So if you are paranoid, don't cry for AES, go for serpent. There are
maybe reasons why the NSA didn't like it ;))


Another (ot) thing, it is easy to add keyfile(s) to vnconfig.
What you need is gpg and a small patch [1] that makes vnconfig read
from stdin. Encrypt your keyfile with gpg and put it on a USB stick.
Write some small shell scripts that pipe the output of gpg into
vnconfig and add some nice dialogs..

Now you can change your passphrase as often as you wish and
have your disk encrypted with a keyfile that is guaranteed not in
a lookup table at some supercomputers of some mysterious three
letter agency ;)
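The keyfile setup sketched above, as an added example that is not part of the post or the patch. It assumes the patched vnconfig reads the Blowfish key from stdin when `-k` is given (the real flag depends on the patch), that the key stays within the 128 bytes vnconfig reads, and uses placeholder device and path names.

```shell
#!/bin/sh
# Added example, not code from the thread: glue between a gpg-encrypted
# keyfile on a USB stick and a vnconfig patched to read its key from stdin.
# ASSUMPTION: the patched vnconfig reads the key from stdin when -k is
# given; the exact option depends on the patch. Device names are placeholders.

KEY_MAX=128  # bytes: the post says vnconfig reads at most 128 bytes of key

# key_len_ok FILE -> exit 0 if FILE holds 1..KEY_MAX bytes, else 1
key_len_ok() {
    n=$(( $(wc -c < "$1") )) || return 1
    [ "$n" -ge 1 ] && [ "$n" -le "$KEY_MAX" ]
}

# make_keyfile NBYTES OUT.gpg -> random key of NBYTES, symmetrically
# gpg-encrypted to OUT.gpg; the plaintext key lives only in the pipe.
make_keyfile() {
    nbytes=$1; out=$2
    [ "$nbytes" -ge 1 ] && [ "$nbytes" -le "$KEY_MAX" ] || {
        echo "key length must be 1..$KEY_MAX bytes" >&2; return 1; }
    dd if=/dev/urandom bs=1 count="$nbytes" 2>/dev/null |
        gpg --symmetric --output "$out"
}

# attach_vnd KEYFILE.gpg VND BACKING -> decrypt the keyfile and pipe it
# straight into the (patched) vnconfig, so the key never touches a file
# or the command line; gpg prompts for the passphrase, not vnconfig.
attach_vnd() {
    keyfile=$1; vnd=$2; backing=$3
    [ -r "$keyfile" ] || {
        echo "no keyfile $keyfile (USB stick mounted?)" >&2; return 1; }
    gpg --quiet --decrypt "$keyfile" | vnconfig -k "$vnd" "$backing"
}

# Usage (placeholder paths): make_keyfile 56 /mnt/usb/disk.key.gpg
#                            attach_vnd /mnt/usb/disk.key.gpg svnd0 /dev/wd0d
```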

Tobias

[1] http://www.tmux.org/tmp/vnconfig.c.diff (That's my crappy
version of it, but there are others...)
