Re: [openpgp] Intent to deprecate: Insecure primitives
Ryan Carboni <ryacko@gmail.com> Mon, 16 March 2015 22:25 UTC
Return-Path: <ryacko@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 857F01AC3C1 for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 15:25:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o8RWIF135COg for <openpgp@ietfa.amsl.com>; Mon, 16 Mar 2015 15:25:38 -0700 (PDT)
Received: from mail-we0-x22e.google.com (mail-we0-x22e.google.com [IPv6:2a00:1450:400c:c03::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 258A91AC3C0 for <openpgp@ietf.org>; Mon, 16 Mar 2015 15:25:38 -0700 (PDT)
Received: by wetk59 with SMTP id k59so48353894wet.3 for <openpgp@ietf.org>; Mon, 16 Mar 2015 15:25:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=+OK/mlZU+P5vJYVlwJAtPjCUsIU3LDyxs4Wmhj0HuNs=; b=gCI8aC0FbR3x8qIycWSoKNgsBiAsxr7wbDI5z6qSre+T2VHRf4nIWAjK6DoprCMtM6 HOjwCErkQGKW/rS5zSzXFKgDY3cOKNaBKRt4VXi/a7QD3tAl/wVzYNo28HmZRyU9xsf8 5ApuK7f0N5umx13C7IP/L920//YCEJUlJoPtGBRopPt/caSQR6p3ofyoKuIdHsNJPbkw cgWgSS/CIFwBCFzlVaX2+5RFVdJAsFk5BGpVL4Xg5/oJGTw4CIUFnmZc1MeGr1Y/uZTo /43KkOD2Y51+9p+v7z1NTDE0R9/NyPN7ClYHdJYFfAMeMvybf0MAbipt669QX8A/k7hR 0rbQ==
X-Received: by 10.194.223.103 with SMTP id qt7mr121589710wjc.35.1426544736800; Mon, 16 Mar 2015 15:25:36 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.194.35.3 with HTTP; Mon, 16 Mar 2015 15:24:56 -0700 (PDT)
In-Reply-To: <CAA7UWsV6fiGE312xZZtKzo_wwOxuhZVFja_mVZMUndYpJrUjbA@mail.gmail.com>
References: <CAA7UWsWBoXpZ2q=Lv151R593v3u=SPNif39ySX_-8=fqMniiVg@mail.gmail.com> <87sid5si30.fsf@alice.fifthhorseman.net> <20150316171832.D0C81E0451@smtp.hushmail.com> <CAA7UWsV6fiGE312xZZtKzo_wwOxuhZVFja_mVZMUndYpJrUjbA@mail.gmail.com>
From: Ryan Carboni <ryacko@gmail.com>
Date: Mon, 16 Mar 2015 15:24:56 -0700
Message-ID: <CAO7N=i1cUZafdfcP9v626EaKmKxm1QS4AbDP71D++8B6xi04sQ@mail.gmail.com>
To: David Leon Gil <coruus@gmail.com>
Content-Type: multipart/alternative; boundary="001a11c3b7c44b14db05116f548d"
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/FndRHLIJvVFWnSrbOD77ToycRtI>
Cc: "openpgp@ietf.org" <openpgp@ietf.org>, "vedaal@nym.hush.com" <vedaal@nym.hush.com>
Subject: Re: [openpgp] Intent to deprecate: Insecure primitives
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Mar 2015 22:25:39 -0000
I suggest Threefish. It is (practically) immune to the risk of collisions revealing plaintext in CFB mode, and is slightly more secure. It's probably best to use the version of Threefish before they increased the number of rounds to deal with collisions.
- Re: [openpgp] Intent to deprecate: Insecure primi… Falcon Darkstar Momot
- Re: [openpgp] Intent to deprecate: Insecure primi… Wyllys Ingersoll
- Re: [openpgp] Intent to deprecate: Insecure primi… Werner Koch
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Daniel Kahn Gillmor
- Re: [openpgp] Intent to deprecate: Insecure primi… Stephen Farrell
- Re: [openpgp] Intent to deprecate: Insecure primi… Kristian Fiskerstrand
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Stephen Paul Weber
- Re: [openpgp] Intent to deprecate: Insecure primi… David Shaw
- Re: [openpgp] Intent to deprecate: Insecure primi… Bill Frantz
- Re: [openpgp] Intent to deprecate: Insecure primi… vedaal
- Re: [openpgp] Intent to deprecate: Insecure primi… Jon Callas
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Stephen Paul Weber
- Re: [openpgp] Intent to deprecate: Insecure primi… David Shaw
- [openpgp] Intent to deprecate: Insecure primitives David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Ryan Carboni
- Re: [openpgp] Intent to deprecate: Insecure primi… Jon Callas
- Re: [openpgp] Intent to deprecate: Insecure primi… Peter Gutmann
- Re: [openpgp] Intent to deprecate: Insecure primi… Werner Koch
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Daniel Kahn Gillmor
- Re: [openpgp] Intent to deprecate: Insecure primi… Bill Frantz
- Re: [openpgp] Intent to deprecate: Insecure primi… Falcon Darkstar Momot
- Re: [openpgp] Intent to deprecate: Insecure primi… Falcon Darkstar Momot
- Re: [openpgp] Intent to deprecate: Insecure primi… Phillip Hallam-Baker
- Re: [openpgp] Intent to deprecate: Insecure primi… Bill Frantz
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Derek Atkins
- Re: [openpgp] Intent to deprecate: Insecure primi… Andrew Skretvedt
- Re: [openpgp] Intent to deprecate: Insecure primi… ianG
- Re: [openpgp] Intent to deprecate: Insecure primi… ianG
- Re: [openpgp] Intent to deprecate: Insecure primi… Christoph Anton Mitterer
- Re: [openpgp] Intent to deprecate: Insecure primi… David Leon Gil
- Re: [openpgp] Intent to deprecate: Insecure primi… Christoph Anton Mitterer
- Re: [openpgp] Intent to deprecate: Insecure primi… ianG
- Re: [openpgp] Intent to deprecate: Insecure primi… Ben McGinnes
- Re: [openpgp] Intent to deprecate: Insecure primi… Tom Ritter
- [openpgp] Intent to deprecate: Insecure primitives David Leon Gil