[Ach] Proposal to change B cipher spec
ianG
iang at iang.org
Fri Apr 4 22:31:22 CEST 2014
On 2/04/2014 21:29 pm, Aaron Zauner wrote:
> While we're at it, could we get rid of camellia as well?
>
> * no constant time implementation
> * no extensive cryptanalysis - at least not as extensive as AES
> * not actively used anywhere as far as I'm aware of
I believe it should be got rid of. It is not used enough, and it
represents a drag on other implementations. Its purpose is to allow a
switch-over algorithm in case AES goes bad, but I see no history that
this has worked well for us.
Also, in the future, there are going to be new suites. I suspect for
their sins the TLS community is trying to get a new suite in place using
ChaCha/poly.
iang
More information about the Ach
mailing list