> In any case, this requires use of a hash function (sha1) and a block
> cipher (3des). We were going to do a replacement of /dev/random
I don't think it does _have_ to be 3des, which is approximately the
slowest and most tedious to implement cipher known to the world. ;-)
Blowfish would be nicer except for the big tables. If frequent
re-keying of the cipher is needed, Twofish would be even a better
choice. Although this isn't standard Yarrow-160 any more, it would
make for a better implementation IMHO. (A quick look at Schneier's
paper suggests that this is possible and anticipated by the design.)
Also consider using the Crypto API from the international kernel
patch, which already contains some useful cipher implementations.
Olaf
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Sep 15 2000 - 21:00:17 EST