[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How to protect an encrypted file system for off-line attack?



On Mon, Feb 23, 2009 at 03:43:06PM -0500, Celejar wrote:
> On Sun, 22 Feb 2009 20:10:57 -0600
> Ron Johnson <ron.l.johnson@cox.net> wrote:
> 
> > On 02/22/2009 07:03 PM, Javier wrote:
> 
> ...
> 
> > > And which is better, Blowfish or AES?
> > 
> > AES.
> 
> Source?  Wikipedia just says:
> 
> "Blowfish provides a good encryption rate in software and no effective
> cryptanalysis of it has been found to date. However, the Advanced
> Encryption Standard now receives more attention."
> 
> http://en.wikipedia.org/wiki/Blowfish_(cipher)
> 
> And what about Twofish?

TwoFish was a final candidate for the AES. Generally all five final
candidates (Rijndel - the one selected, Serpent, Twofish, MARS and RC6).
All of those candidates proved[1] sufficiently secure. MARS and RC6 were
generally slower than the other three. IIRC one main weaknes of Twofish
was that it performed poorly on 8-bit processors. This is not such a big
issue for you, I guess.

Anyway, the AES cipher is one that is very well studied. It has been 
implemented all over. Just about anybody have tried to attack it and 
yet there's no known practical attack on it. It performs well. So it is
a very sane choice as a block cipher.

[1] "proved": in a very weak sense of the word. In the sense that after 
a year or so of concentrated effort no attack was found, and their
design seemed solid.

-- 
Tzafrir Cohen         | tzafrir@jabber.org | VIM is
http://tzafrir.org.il |                    | a Mutt's
tzafrir@cohens.org.il |                    |  best
ICQ# 16849754         |                    | friend


Reply to: