Depends on your threat models. Who might want to crack your stuff?
Do you want to use it in the financial industry?
3DES is the choice there, simply because everybody knows and trusts it.
Is there a good reason not to just incorporate PGP into your application
instead of writing your own crypto implementation?
DES has been very thoroughly studied by very many great cryptographers,
so there are unlikely to be major new holes in it.
Obviously you need 3DES rather than 1DES.
The keys are more than long enough for currently forseeable technology.
The important thing that 3DES gives you besides analysis of the algorithm
is many implemented packages which have some opportunity to have been
debugged, cracked, fed overlong keys to see if they explode, etc.
Sure, it's dog-ugly, but it's a dog you know.
If I wanted a non-3DES algorithm, I wouldn't use Blowfish -
Bruce Schneier et al. have Twofish out, and while the primary goals
of the redesign are to fit into the AES requirements framework,
rather than to strengthen the algorithm, they may have benefited from
experience,
and there have also been heavy efforts to break it and the other AES
candidates.
They've been a lot briefer than the attacks on 3DES, but probably more
attention than has been paid to Blowfish. Another advantage of Twofish
over Blowfish is that it also has some reference implementations that have
been checked out reasonably well.
Either one can probably do quite well. Do you have to worry about
compatibility?
Do you have to worry about setup time, or only run time, or really neither?
(Neither is nice, and often realistic, as long as the stuff's not way
slower than 3DES.)
Do you have to worry about space (e.g. fitting on smartcards or phones,
or is this just basic PC/Workstation stuff?)
>From: "Nathan Saper" <[EMAIL PROTECTED]>
>To: <[EMAIL PROTECTED]>
>Sent: Sunday, May 07, 2000 12:32 AM
>Subject: Blowfish or 3DES?
>
>> Which is better for everyday encryption where speed is not a big issue? I
>> know that Blowfish is better than vanilla DES, but is it better than 3DES?
Thanks!
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639
