The reason for Twofish (was: getting rid of blowfishes)

Werner Koch wk@gnupg.org
Wed, 3 May 2000 13:58:09 +0200


On Wed, 3 May 2000, Simpson, Sam wrote:


> ok, well why do OpenPGP members think it's a good idea to implement (or
> include as an algorithm identifier...) Twofish? I had quite a debate on the
> mailing list and nobody had a good explanation why it has been included
Back in Dezember 1998, Phil Zimmermann called me on the phone and one of the topics was, that he would very much like to have Twofish in OpenPGP. IIRC, he mentioned that he promised Bruce Schnier to use Twofish with PGP. We discussed this for a while in the WG and assigned 10 for Twofish using 256 keys (256 bits are more a marketing thing than a technical requirement). Matthew then enhanced our TF implementation to allow 256 bit keys (we had 128 bit as experimental algorithm for quite a while). Another thing was that the assignment of 10 for TF allowed GnuPG to create preferences for TF for all new keys - so migration to TF should be easier for users in some future (a special hack in gpg ignored the Twofish preference). Werner -- Werner Koch OpenPGP key 621CC013 OpenIT GmbH tel +49 211 239577-0 Birkenstr. 12 email wk@openit.de D-40233 Duesseldorf http://www.openit.de