[openssl-dev] [openssl.org #4017] [PATCH] Implement Camellia GCM suites (RFC 6367)
Viktor Dukhovni
openssl-users at dukhovni.org
Mon Aug 24 17:53:55 UTC 2015
On Mon, Aug 24, 2015 at 05:41:19PM +0000, Salz, Rich via RT wrote:
> > Does camellia offer any significant advantage in
> > any situation that would justify increasing support?
>
> Yes, I'd like to know who needs it.
>
> GOST is going to move to an externally-maintained ENGINE (thanks, Dimitry:).
> We should look at moving other ciphers out of the core the same way. The
> OID's will need to be maintained, since the run-time really wants to deal
> with NID's, and figuring out how to make them first-class citizens with
> an EVP interface would take some thought, but Blowfish, Cast, Camellia,
> SEED, and Whirlpool could all be pushed out, IMHO.
IIRC Camellia is more equal than the others. In particular its
inclusion in NESSIE and broad adoption make it a plausible "backup"
block cipher after AES.
So while we can consider dropping many of the more obscure and
obsolete algorithms, Camellia is probably best retained.
It is not clear that Intel et. al. will devoide any chip real-estate
to supporting it in hardware, so it will not be quite as attractive
as AES for most users, but it seems to be a fine cipher in most
other regards.
--
Viktor.
More information about the openssl-dev
mailing list