[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [office-comment] ODF 1.1: Heads up on Document Crypto
Robert Weir wrote: >AES is not a panacea either. I know that some foreign governments are >suspicious of anything that the NSA says is OK for use. So best to allow >a choice of several strong algorithms. Mmm, at least AES is a standard, so like I suggested before, let's go for at least Blowfish and AES. If you don't trust AES, you can use Blowfish and if you need a NSA-approved cipher, go with AES. If that isn't enough, I would suggest using the algorithms mentioned in OpenPGP / RFC4880 (TripleDES, AES-128, CAST5, IDEA, Blowfish and Twofish). Those algorithms have already been implemented in freely available crypto libraries (like Bouncy Castle in Java/C# and Botan in C++), so most developers don't have to write these routines themselves... Best regards Bart
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]