Um, it hasn't been proven as the best algorithm. It merely hasn't been 
broken... yet. Actually, many people think IDEA is better. According to Bruce 
Schneier (creator of blowfish and twofish), "...it is the best and most 
secure block algorithm available to the public at this time..." (Applied 
Cryptography, 2nd Edition, Section 13.9) Twofish, blowfish, AES, 
triple-DES... All are more than enough for pretty much anyone, but none has 
been PROVEN more secure than another, and all will probably be broken 
eventually. Go-go quantum computing ;)

With regards to the "why use AES? Blowfish can have a 448 bit key size!" 
comment, does that mean if I XOR something with a 4096-bit key, I will have 
great security??? Sorry that was approaching flame, but I had to illustrate 
the point- its not just the size of the key that matters; it's how you use 
it! hehe i'm proud of that one.

Now, as for the type of encryption, you really should get a copy of Appled 
Cryptography, 2nd Edition, and read chapter 9. It depends on your 
application. All have pros and cons.



On Wednesday 22 May 2002 02:24 am, Vinod Panicker wrote:
> And why not use AES, which is an industry standard and having
> being proven as the best encryption algorithm in recent times?
>
> http://csrc.nist.gov/encryption/aes/aesfact.html
>
> As far as ECB mode is concerned, I dont know what problems you are
> talking about.  I'm aware that the data gets encrypted in
> independed blocks and its easier to crack it, but its faster than
> other modes.
>
> Tx,
> Vinod.
>
> On Wed, 22 May 2002 John Horton wrote :
> >why use AES? Blowfish can have a 448 bit key size! Also, why use
> >ebc mode
> >with all the problems which come with it?
> >JH
> >
> >-----Original Message-----
> > From: Vinod Panicker [mailto:[EMAIL PROTECTED]]
> >Sent: 22 May 2002 10:06
> >To: Jimmy Lantz
> >Cc: [EMAIL PROTECTED]
> >Subject: Re: RE: [PHP] Mcrypt: Blowfish or Twofish or no fish?
> >part 3
> >
> >
> >There is no use of hashing in file-encryption except to use it
> >as
> >a check - to see if the decrypted file matches the original
> >file.
> >To do this check, you can use either MD5 or SHA1.  The choice
> >is
> >urs.
> >
> >If ur looking for a good encryption algorithm, you might want
> >to
> >consider AES (Rijndael).  It supports encryption using
> >different
> >key sizes as well as all modes.
> >
> >You can take your pick from ECB / CBC also.  For binary file
> >encryption, i would recommend ECB mode.  For text files, it
> >would
> >be better that you use CBC mode.
> >
> >Tx,
> >Vinod.
> >
> >On Wed, 22 May 2002 Jimmy Lantz wrote :
> > >>I believe that twofish has been successfully broken, so use
> > >>blowfish
> > >>instead. Typically, for encrypting files you will use an
> > >>algorithm like
> > >>blowfish in cbc mode (as opposed to ebc mode) but I don't
> >
> >know
> >
> > >>if Mcrypt
> > >>supports this. Also, when creating the hash of the file, it
> >
> >is
> >
> > >>probably best
> > >>to use SHA-1 instead of MD5, as there appears to be some
> >
> >concern
> >
> > >>with MD5
> > >>over it's compression function.
> > >>HTH
> > >>JH
> > >
> > >It helps :)
> > >I have been looking into Blowfish with cbc mode :)
> > >If I use SHA-1 it's still no way to dehash it during
> >
> >decryption
> >
> > >of the file,
> > >so I fail to see the use of Hashing in fileencryption.
> > >Could someone enlighten me?
> > >/ Jim
> > >
> > >
> > >-- PHP General Mailing List (http://www.php.net/)
> > >To unsubscribe, visit: http://www.php.net/unsub.php
> >
> >_________________________________________________________
> >Click below to visit monsterindia.com and review jobs in India
> >or
> >Abroad
> >http://monsterindia.rediff.com/jobs
> >
> >
> >--
> >PHP General Mailing List (http://www.php.net/)
> >To unsubscribe, visit: http://www.php.net/unsub.php
>
> _________________________________________________________
> Click below to visit monsterindia.com and review jobs in India or
> Abroad
> http://monsterindia.rediff.com/jobs


-- 
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to