-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 04/02/2016 11:18, Nich Ramsey via RT wrote: > Moonchild: what advantages does Camellia have over AES? Sincerely asking > since I'm not familiar.
It's comparable to AES in terms of how it can theoretically be broken with algebra, as well as its processing capabilities, but as far as I know there are no known successful attacks that weaken it, and the closest anyone has come to attacking it has been against a reduced/non-full version of the 128-bit strength cipher that still required 2^116 encryptions and the same amount of plaintexts. The full one has never budged. That alone would make it a very desirable cipher. Unless, of course, you have a personal grudge against ciphers not coming from American soil (it's a Japanese-origin cipher). See also my rationale in my original post on this topic about international diversity with strong, modern encryption. Camellia is widely-adopted in a whole range of security applications. There are plenty of RFCs about Camellia, but in this context most notably RFC6367 proposing exactly this for inclusion in TLS with GCM. RFC5932 is a standards document describing Camellia in TLS as a whole. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (MingW32) iF4EAREIAAYFAlazMLsACgkQEguw022l8qy+KwD9H3Rm0qaXxcts49jvKuL54frb rzpF/WlvtiMlYDNXgEUA/1k9HjoEbLp9THY3nrHZ4Rx0wXcgT0O4b/817Cr+3iJM =JoAw -----END PGP SIGNATURE----- _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev