The reason for Twofish (was: getting rid of blowfishes)
Werner Koch
wk@gnupg.org
Wed, 3 May 2000 13:58:09 +0200
On Wed, 3 May 2000, Simpson, Sam wrote:
> ok, well why do OpenPGP members think it's a good idea to implement (or
> include as an algorithm identifier...) Twofish? I had quite a debate on the
> mailing list and nobody had a good explanation why it has been included
Back in Dezember 1998, Phil Zimmermann called me on the phone and one
of the topics was, that he would very much like to have Twofish in
OpenPGP. IIRC, he mentioned that he promised Bruce Schnier to use
Twofish with PGP.
We discussed this for a while in the WG and assigned 10 for Twofish
using 256 keys (256 bits are more a marketing thing than a technical
requirement). Matthew then enhanced our TF implementation to allow 256
bit keys (we had 128 bit as experimental algorithm for quite a while).
Another thing was that the assignment of 10 for TF allowed GnuPG to
create preferences for TF for all new keys - so migration to TF should
be easier for users in some future (a special hack in gpg ignored the
Twofish preference).
Werner
--
Werner Koch OpenPGP key 621CC013
OpenIT GmbH tel +49 211 239577-0
Birkenstr. 12 email wk@openit.de
D-40233 Duesseldorf http://www.openit.de