----

hi everyone,

here, i want to ask about the algorithms. among the algorithm which are more secure?is 3DES or blowfish is the most secure??

in performance side, which are the fastest?compare the 3 algorithms..

hopefully you all can share with me your info...

----

Hi,

you shouldn't use DES, because you can just use a 56 bit key, which could be broken by brute force in a realistic time.

Also you shouldn't use 3DES, it's secure, but it is soooo slow, e.g. 3 times slower then normal DES.

The best choice in your list of algorithm would be blowfish, it's fast and secure, but you can also use AES, Twofish or other secure and fast algorithms.

Maybe Blowfish has a too short block size, just 64 bit, but this depends totaly on the purpose of use. For normal data encryption in CBC mode its okay (secure), but you shouldn't use Blowfish as a hash algorithm or as a stream cipher.

----

thanks Elderan,

for your info, now i working on file encryption system and i need to use all three algorithm in order to achieve my objective..

thanks again.

----

tajinvillage wrote: |

thanks Elderan,
for your info, now i working on file encryption system and i need to use all three algorithm in order to achieve my objective.. thanks again. |

What are your objectives, and which of them requires the implementation of DES, Triple-DES, and Blowfish? Backwards compatibility, perhaps? If you could lay all of your goals on the table for us to see, we could probably give you better advice. I'm not sure what your constraints are, but you the two primary goals you should go for are confidentiality (i.e., encryption) and integrity (i.e., authentication). More specifically, you want IND-CCA2 /\ INT-CTXT security, which represent the strongest notions of confidentiality and integrity for symmetric authenticated encryption schemes.

If you can, use the AES; it's receiving the most cryptanalytical attention of any block cipher. I can't think of a more compelling reason to suggest the use of a cryptographic primitive. It can be used in both encryption and authentication schemes; for example, by applying CMAC-AES to the ciphertext of AES-CTR, you get IND-CCA2 /\ INT-CTXT. The order of encrypt-then-authenticate is necessary for achieving these notions of security. By recycling the AES, you not only take advantage of its cryptanalysis-induced maturity, but you end up with a minimalist design.

Good cryptographic engineering is about mature and minimalist designs. Do a lot with a little. Less is more. Keep that in mind. I can't think of any cryptographic reasoning behind using DES, Triple-DES, and Blowfish, over the AES, so if there's nothing stopping you, transition to the AES and simplify your implementation. On the other hand, if you have environmental constraints that prevent the use of the AES, please let us know, so we can suggest a suitable alternative. However, for file encryption, I doubt this to be the case. I'm interested in hearing about your progress. Until then, cheers!

----

hi i'm newbie here and i'm glad to find this forum..

i've read the posting above and i think i have some similliar question related to 3des, AES ad blowfish.

here's my case, i'm doing my final project now, i make the voip implementation securing by IPSec. and for the IPSec algorithm, i compare 4 algorithms, which are 3DES-cbc, AES-cbc (Rijndael), Blowfish-cbc and ESP null encryption.

i've done the implementation, but don't done all yet. i haven't made the calculation among those algorithms.

here, i want to ask a brief explanation, which one from those algorithms is the best implemented in my project?

FYI, i use linux ubuntu for my project.

i reallly looking forward for the answer...

best regards

=niken=

output generated using printer-friendly topic mod, All times are GMT + 2 Hours

Powered by phpBB 2.0.x © 2001 phpBB Group