[Ach] Proposal to change B cipher spec

David Durvaux david.durvaux at gmail.com
Sun Apr 6 08:33:55 CEST 2014


Hello,

2014-04-04 22:31 GMT+02:00 ianG <iang at iang.org>:

> On 2/04/2014 21:29 pm, Aaron Zauner wrote:
> > While we're at it, could we get rid of camellia as well?
> >
> >       * no constant time implementation
> >       * no extensive cryptanalysis - at least not as extensive as AES
> >       * not actively used anywhere as far as I'm aware of
>
>
> I believe it should be got rid of.  It is not used enough, and it
> represents a drag on other implementations.  Its purpose is to allow a
> switch-over algorithm in case AES goes bad, but I see no history that
> this has worked well for us.
>
>
I think it would be a mistake.  Not so much from a technical point of
view (I do trust and use AES) but from a "political" point of view.
When I was in Zurich with Aaron Kaplan, I had a long discussion with some
techies asking why AES?

Their point is that AES is a NIST approved algorithm.  The related question
is then, should we trust?  (Which is quite funny as NIST is supposed to be
there to give trust in algorithms).  The idea was that we had to propose
an alternative to the officially approved algorithm and let the user choose.

As far as I know, we cannot reject CAMELLIA.  So, why throw it away?  On
the contrary, we have to clearly state that while nothing proves that
CAMELLIA isn't secure, there is less research against CAMELLIA than against
other algorithms like AES.


> Also, in the future, there are going to be new suites.  I suspect for
> their sins the TLS community is trying to get a new suite in place using
> ChaCha/poly.
>
>
I indeed heard Vincent Rijmen say in a presentation that they have started
working on a new generation of algorithms ;).  Let's wait and see :-D.

So to conclude, I would keep CAMELLIA unless we have a good reason to
reject it.

Kr,

David

> iang
>
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
>



-- 
David DURVAUX