[openssl-project] Removing assembler for outdated algorithms
levitte at openssl.org
Sun Feb 11 06:57:57 UTC 2018
In message <3EAC8B7F-EA48-465B-B4BE-3D5AC62D9A4C at dukhovni.org> on Sat, 10 Feb 2018 16:58:36 -0500, Viktor Dukhovni <viktor at dukhovni.org> said:
viktor> > On Feb 10, 2018, at 4:08 PM, Salz, Rich <rsalz at akamai.com> wrote:
viktor> > This is derived from bureau/libcrypto-proposal that Emilila made in November 2015.
viktor> > We should remove the assembler versions of the following
viktor> > Blowfish, cast, des, rc4, rc5, ripemd, whirlpool, md5
viktor> > The reason is that they are outdated, not in use very much, and optimization is not important, compared to having a single reference source that we can maintain and debug.
viktor> Is blowfish actually outdated? I thought it had some significant use,
viktor> and don't recall any major weakness...
For what it's worth, https://en.wikipedia.org/wiki/Blowfish_(cipher)
mentions some weaknesses, and also that the author recommends moving
away from Blowfish (use Twofish instead, but we haven't implemented
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
More information about the openssl-project