Re: [openpgp] Intent to deprecate: Insecure primitives

Jon Callas <jon@callas.org> Mon, 16 March 2015 22:48 UTC

> On Mar 16, 2015, at 3:24 PM, Ryan Carboni <ryacko@gmail.com> wrote:
> 
> I suggest Threefish. It is (practically) immune to the risk of collisions revealing plaintext in CFB mode, and is slightly more secure. It's probably best to use the version of Threefish before they increased the number of rounds to deal with collisions.

As a Threefish co-author, thank you for your vote of confidence.

We never increased the number of rounds. We tweaked constants, but that's all.

Threefish is a wide-block, tweakable block cipher and would need a small bit of description of how to use it; it's not a drop-in replacement for something like AES.

But I'd be happy to do that, myself, and could make suggestions in less than a paragraph.

	Jon