Re: Symmetric Algorithm

[Uri Blumenthal <uri@xxxxxxxxxxxxxx>]

Jon Callas says:
> There are presently three symmetric algorithms used in PGP. They are IDEA,
> Triple-DES, and CAST5..........
> 
> (1) Which algorithm is the MUST algorithm?

I say - Triple-DES as the most proved, the most reliable and the
most "free".

> (2) Should there be more than one MUST algorithm, and if so, which ones?
> Please note that arguing for IDEA being a MUST algorithm could lead to the
> standard getting bogged down.

Due to its patented nature and some other things I strongly urge to
make IDEA "SHOULD" at most. [Yes, I'm aware of what's the main 
algorithm in PGP-2.x.]

> (3) Should any remaining algorithms from the original suite be SHOULD or MAY?

People apparently like CAST - and it looks promising. I'd make it SHOULD.

> (4) What other algorithm(s) do you want to see as MAY algorithms?

I'd make SEAL and DES/SK "MAY". I realize that there are many nice
algorithms - but how many can (and should :-) we put in?
SEAL is the fastest (but patented), and DES/SK gives
you the benefits of 3DES without the expense of 48 rounds.

> My votes:
> (1) Triple-DES (because it's less controversial than CAST5).

I'm with you.

> (2) No, only one MUST algorithm.

I'm with you.

> (3) I'd like to see both CAST5 and IDEA as SHOULD algorithms.

I prefer CAST (due to it's free nature).

> (4) I have no preferences, but ones mentioned to me are Blowfish and SAFER128.

Here we differ somewhat... My vote is for DES/SK (and for obvious reason :-).
-- 
Regards,
Uri		uri@xxxxxxxxxxxxxx
-=-=-=-=-=-=-
<Disclaimer>