Martin Hamilton <[EMAIL PROTECTED]> writes:
> Niels - could I interest you in using another algorithm (Blowfish?)
> instead of IDEA as the lsh default ? IDEA is bad ju-ju pretty much
> everywhere. Pinch some code from Werner's crypto library for GNUPG ?
Hmm. I don't remember saying that I was going to make IDEA the default
crypto. But never mind.
First crypto I'll support is probably RC4, because it's simple, and
because I don't have to worry about IV:s or detection of weak keys.
Second is triple-DES, because it's mandated by the rfc, and because
it seems to be the algorithm of choice among paranoid cryptographers.
IDEA is cute, but not high priority.
About sharing code with gnupg: I and Werner have talked about it. We
don't (yet) agree on what a generic crypto library should look like,
but I think it would be a Good Thing to use a common library. For the
time being, I use various public domain or LGPL:ed routines mainly
written by Peter Gutmann, Colin Plumb, Dana How and Steve Reid. That's
because they work, I knew about them, and I have used them in other
projects. But whatever comes out of the library plans, I'll probably
turn to gnupg anyway for the algorithms that I don't have
implementations of already.
The licence for a generic library is another interesting question. I
think one should at least consider releasing a hypothetic GNU generic
crypto library under the LGPL, similarly to recent GMP versions. It
would be interesting to know about the considerations that led to
GMP-2.0 switching to LGPL. (lsh of course should be GPL:ed).
/Niels