[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[MIT-Scheme-devel] Blowfish, MD5, mcrypt, mhash

From: Taylor R Campbell
Subject: [MIT-Scheme-devel] Blowfish, MD5, mcrypt, mhash
Date: Fri, 3 Nov 2017 01:32:23 +0000

It's a little embarrassing that we provide some archaic crypto
primitives with a lot of trouble to link against OpenSSL, mcrypt, and
mhash.  Nobody should be using any of these in new protocols or most
new applications.

There are a few standard protocols like IMAP and HTTP that use MD5, so
while it shouldn't be used in any new protocols, it may be reasonable
to keep around for new applications implementing old protocols.

But we could just adopt (or write afresh) a portable C or Scheme
implementation -- no need to deal with linking against OpenSSL or

Edwin's file encryption -- which does not withstand scrutiny of modern
crypto engineering -- currently uses Blowfish.  Since some people
(cph?) may still have files stored this way, it may be reasonable to
keep this for that purpose.

But again, we could just adopt a portable C or Scheme implementation
and forget about OpenSSL or mcrypt.

We definitely shouldn't advertise Blowfish as `one of the faster block
ciphers' -- it is much slower and more memory-intensive than, e.g.,
AES or Threefish, which are the only two block ciphers I would
consider using today -- and any documentation about it should warn
that it is a long-outdated algorithm whose 64-bit block size makes it
unsafe to use unless you really know what you're doing.  I'm not even
sure we should be documenting this.

(I realize that the text I quoted was copied from the OpenSSL man
pages.  Unfortunately, OpenSSL man pages turn out to be bad news!)

I polled mit-scheme-users for who uses these and for what.  Anyone
here have thoughts on this?  I'm volunteering to do the work to
provide drop-in MD5 and Blowfish code replacements in microcode/, and
get rid of the rest if nobody objects.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]