IETF Logo Mail Archive

Re: [openpgp] Intent to deprecate: Insecure primitives

Ryan Carboni <ryacko@gmail.com> Mon, 16 March 2015 22:25 UTC

Return-Path: <ryacko@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 857F01AC3C1 for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 15:25:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o8RWIF135COg for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 15:25:38 -0700 (PDT)
Received: from mail-we0-x22e.google.com (mail-we0-x22e.google.com [IPv6:2a00:1450:400c:c03::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 258A91AC3C0 for <openpgp@ietf.org>; Mon, 16 Mar 2015 15:25:38 -0700 (PDT)
Received: by wetk59 with SMTP id k59so48353894wet.3 for <openpgp@ietf.org>; Mon, 16 Mar 2015 15:25:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=+OK/mlZU+P5vJYVlwJAtPjCUsIU3LDyxs4Wmhj0HuNs=; b=gCI8aC0FbR3x8qIycWSoKNgsBiAsxr7wbDI5z6qSre+T2VHRf4nIWAjK6DoprCMtM6 HOjwCErkQGKW/rS5zSzXFKgDY3cOKNaBKRt4VXi/a7QD3tAl/wVzYNo28HmZRyU9xsf8 5ApuK7f0N5umx13C7IP/L920//YCEJUlJoPtGBRopPt/caSQR6p3ofyoKuIdHsNJPbkw cgWgSS/CIFwBCFzlVaX2+5RFVdJAsFk5BGpVL4Xg5/oJGTw4CIUFnmZc1MeGr1Y/uZTo /43KkOD2Y51+9p+v7z1NTDE0R9/NyPN7ClYHdJYFfAMeMvybf0MAbipt669QX8A/k7hR 0rbQ==
X-Received: by 10.194.223.103 with SMTP id qt7mr121589710wjc.35.1426544736800; Mon, 16 Mar 2015 15:25:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.35.3 with HTTP; Mon, 16 Mar 2015 15:24:56 -0700 (PDT)
In-Reply-To: <CAA7UWsV6fiGE312xZZtKzo_wwOxuhZVFja_mVZMUndYpJrUjbA@mail.gmail.com>
References: <CAA7UWsWBoXpZ2q=Lv151R593v3u=SPNif39ySX_-8=fqMniiVg@mail.gmail.com> <87sid5si30.fsf@alice.fifthhorseman.net> <20150316171832.D0C81E0451@smtp.hushmail.com> <CAA7UWsV6fiGE312xZZtKzo_wwOxuhZVFja_mVZMUndYpJrUjbA@mail.gmail.com>
From: Ryan Carboni <ryacko@gmail.com>
Date: Mon, 16 Mar 2015 15:24:56 -0700
Message-ID: <CAO7N=i1cUZafdfcP9v626EaKmKxm1QS4AbDP71D++8B6xi04sQ@mail.gmail.com>
To: David Leon Gil <coruus@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c3b7c44b14db05116f548d"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/FndRHLIJvVFWnSrbOD77ToycRtI>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>, "vedaal@nym.hush.com" <vedaal@nym.hush.com>
Subject: Re: [openpgp] Intent to deprecate: Insecure primitives
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 22:25:39 -0000

I suggest Threefish. It is (practically) immune to the risk of collisions
revealing plaintext in CFB mode, and is slightly more secure. It's probably
best to use the version of Threefish before they increased the number of
rounds to deal with collisions.

v2.23.0 | Report a Bug | By Email