Re: The importance of IVs

Paul Rubin wrote:
>The biggest problem here is avoiding writing to swap. I'd be surprise
>if vb.net gives you any control over that.

Agreed. But I figure, why not aim high...

>I've never heard of anyone implementing "false" 16-round Blowfish.

Based on my interpretation of Regis' earlier post, there is at least
one library that does not implement Blowfish correctly. Also, there
are several references on the internet to mini-blowfish apps that do
not implement the full 16-round or 64-bit cipher blocks.

>Blowfish is sort of old-school these days though. Is there some
>reason you don't want to use AES? I'd say you should use AES in EAX
>mode, if you want to be up with the times.

Well, I guess I'm kind of old-school then... Seriously though, all
jokes aside, question: Has Blowfish with a 448-bit key every been
brute forced? Even with known plain text? It may not be cool anymore,
but Blowfish is the algorithm that got me interested in crypto in the
first place and I'd like to write my own app with it. Trust me, I need
the programming experience. Sure, I'd love to mess around with AES
someday, but I figure I'll start out with Blowfish.

>Blowfish has been implemented many times, though maybe not in VB.

Agreed. I've seen several apps (there are several references to apps
on Schneier's web site). But I agree, I'm not sure if any are in VB
.NET. You may ask "why re-invent the wheel?" but I'm just trying to
learn something new and accomplish something new (at least new to me).
Received on Thu Sep 29 21:51:11 2005