[openssl-project] Removing assembler for outdated algorithms

Richard Levitte levitte at openssl.org
Sun Feb 11 07:18:15 UTC 2018

In message <0EA60701-6E1A-4FE0-86F8-33B37D01612E at dukhovni.org> on Sat, 10 Feb 2018 17:10:42 -0500, Viktor Dukhovni <viktor at dukhovni.org> said:

viktor> > On Feb 10, 2018, at 4:58 PM, Viktor Dukhovni <viktor at dukhovni.org> wrote:
viktor> > 
viktor> > 
viktor> > Is blowfish actually outdated?  I thought it had some significant use,
viktor> > and don't recall any major weakness...
viktor> In particular, IIRC OpenSSH uses blowfish, and links to OpenSSL for
viktor> the underlying cipher...

OpenSSH disabled blowfish-cbc (all cbc ciphers, as a matter of fact)
two years ago, and removed it (them) entirely last autumn.  So one can
say that even in the OpenSSH world, blowfish support has decreased.
Ref: http://www.openssh.com/releasenotes.html


Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

More information about the openssl-project mailing list