Re: SERPENT implementation in debian
On Thu, Aug 26, 2010 at 11:52:31PM +0200, Christoph Anton Mitterer wrote: > On Thu, 2010-08-26 at 17:43 -0400, Perry E. Metzger wrote: > > I presume you mean the cipher by Anderson, Biham and Knudsen. > Yep was there another one of the same name? > The linux kernel tree has crypto/serpent.c . > > > I'm unaware of one, but I think it is a fairly bad move to use > > algorithms other than standard ones. Unless you have very good reason > > to use something eperimental, I would stick to AES. > I plan to use them stacked ... so that shouldn't be a problem IMO. What do you hope to gain by that? Not performance. What do you hope to get that you can't get from the standard AES-256? > > Any why should it be just experimental,... wasn't it very well analysed > during the AES selection process? Yes, it was. But the specific implementation you use wasn't as well-analyzed as current implementations of AES are. -- Tzafrir Cohen | tzaf...@jabber.org | VIM is http://tzafrir.org.il || a Mutt's tzaf...@cohens.org.il || best tzaf...@debian.org|| friend -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100828132731.gb17...@pear.tzafrir.org.il
Re: SERPENT implementation in debian
On Thu, 2010-08-26 at 18:29 -0400, Perry E. Metzger wrote: > > I plan to use them stacked ... so that shouldn't be a problem IMO. > > Is your machine too speedy? There are other things you could do to > slow it down if that's important to you. *g* ... I'm already using mprime for that ;) > Yes, and it wasn't selected, was it? IIRC, that was mostly due to performance issues, wasn't it? > People spend a lot of time and > effort finding flaws in AES at this point, but very little on Serpent. I know... but this would more ore less exclude all other ciphers, and probably all non-MD5-SHA1/2 MDs. > In any case, I know of no such tools thx. Cheers, Chris. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1282862711.18783.25.ca...@fermat.scientia.net
Re: SERPENT implementation in debian
On Thu, 26 Aug 2010 23:52:31 +0200 Christoph Anton Mitterer wrote: > On Thu, 2010-08-26 at 17:43 -0400, Perry E. Metzger wrote: > > I presume you mean the cipher by Anderson, Biham and Knudsen. > Yep was there another one of the same name? > > > > I'm unaware of one, but I think it is a fairly bad move to use > > algorithms other than standard ones. Unless you have very good > > reason to use something eperimental, I would stick to AES. > > I plan to use them stacked ... so that shouldn't be a problem IMO. Is your machine too speedy? There are other things you could do to slow it down if that's important to you. > Any why should it be just experimental,... wasn't it very well > analysed during the AES selection process? Yes, and it wasn't selected, was it? People spend a lot of time and effort finding flaws in AES at this point, but very little on Serpent. In any case, I know of no such tools, know of no reason why anyone would build such a tool, and know of security advantage to running serpent composed with AES on one's machine. Unless your box is surrounded by armed guards at all times and detached from a network, and is running only hardware that you personally produced in your own foundry from your own designs, there are simpler ways to get the contents of your hard drive than cracking keys. AES-128 is far more than good enough for all normal purposes. -- Perry E. Metzgerpe...@piermont.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100826182900.2919d...@seasnet-6-11.cis.upenn.edu
Re: SERPENT implementation in debian
On Thu, 2010-08-26 at 17:43 -0400, Perry E. Metzger wrote: > I presume you mean the cipher by Anderson, Biham and Knudsen. Yep was there another one of the same name? > I'm unaware of one, but I think it is a fairly bad move to use > algorithms other than standard ones. Unless you have very good reason > to use something eperimental, I would stick to AES. I plan to use them stacked ... so that shouldn't be a problem IMO. Any why should it be just experimental,... wasn't it very well analysed during the AES selection process? Cheers, Chris. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1282859551.11340.37.ca...@fermat.scientia.net
Re: SERPENT implementation in debian
On Thu, 26 Aug 2010 22:51:19 +0200 Christoph Anton Mitterer wrote: > Is there a implementation of SERPENT (for file encryption, not > disk) in Debian, except mcrypt (which is buggy and orphaned > according to its package description)? > > I mean a finished tool, not just a library. I presume you mean the cipher by Anderson, Biham and Knudsen. I'm unaware of one, but I think it is a fairly bad move to use algorithms other than standard ones. Unless you have very good reason to use something eperimental, I would stick to AES. -- Perry E. Metzgerpe...@piermont.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100826174340.10446...@seasnet-6-11.cis.upenn.edu
SERPENT implementation in debian
Hi. Is there a implementation of SERPENT (for file encryption, not disk) in Debian, except mcrypt (which is buggy and orphaned according to its package description)? I mean a finished tool, not just a library. Cheers, Chris. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/1282855879.11340.20.ca...@fermat.scientia.net