carrick, Blowfish & the NSA
Wei Dai
weidai at eskimo.com
Sun Apr 14 18:14:21 PDT 1996
On Sat, 13 Apr 1996, Jerry Whiting wrote:
> We're shooting for a May 1 release for Windows with the Mac and DOS 6
> weeks behind and VAX/Sun a month after that. We're aiming for the
> stars: encryption, time/date stamps, signatures, message digests, etc.
> all based on Blowfish. We're doing a core engine with APIs, a
> standardized file format, and extensability for other developers. We're
> very committed to making the spec including the API and file format VERY
> PUBLIC. Like I said, we're aiming high.
This sounds like an interesting project. However, I'm having trouble
understanding your goals. Blowfish is a block cipher. Why are you using
it to do anything but encryption? I know there are cryptographic
constructions that allow you to do message digests with block ciphers, but
they are slow and not guaranteed to be as secure as the underlying block
ciphers. I suggest that instead you use an established message digest
algorithm such as SHA. How are you planning to do timestamps and
signatures? I presume you'll need some other algorithms besides
Blowfish. Also, will the software be freeware, shareware, or commercial?
Wei Dai
More information about the cypherpunks-legacy
mailing list