pgpfan:schism
Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
pgpfan:schism [2024/01/04 22:17] – [About the "OpenPGP Schism" (2023 Dec)] clarification b.walzer | pgpfan:schism [2024/02/11 23:32] (current) – Phrasing. b.walzer | ||
---|---|---|---|
Line 21: | Line 21: | ||
=====GnuPG===== | =====GnuPG===== | ||
- | The GnuPG faction only wants to add one block cipher mode to the two that OpenPGP currently supports. Koch has stated that the current authenticated mode is secure, which implies that the new mode is wanted for reasons other than security. The GnuPG project wants a new mode primarily for greater efficiency. The current mode can not work in parallel for encryption. This can make things slow for very large files (100s of GB) on multiprocessor systems. The proposed OCB mode is much faster. The other reason relates to error handling. The current authenticated encryption mode protects the entire file/ | + | The GnuPG faction only wants to add one block cipher mode to the two that OpenPGP currently supports. |
I find the GnuPG position reasonable, but will point out that few users process really large files. There is no strong argument here for superseding the existing authenticated mode in general. An OpenPGP high efficiency mode can be treated as a separate function that the user can decide to activate for the rare situations where it might be appropriate. | I find the GnuPG position reasonable, but will point out that few users process really large files. There is no strong argument here for superseding the existing authenticated mode in general. An OpenPGP high efficiency mode can be treated as a separate function that the user can decide to activate for the rare situations where it might be appropriate. | ||
Line 69: | Line 69: | ||
An entity from the Crypto Refresh Current faction is now threatening to start emitting messages using the GCM cipher block mode. You can easily imagine what I think of this. | An entity from the Crypto Refresh Current faction is now threatening to start emitting messages using the GCM cipher block mode. You can easily imagine what I think of this. | ||
- | The reason that everyone thinks it is OK to just start generating encrypted messages/ | + | The reason that everyone thinks it is OK to just start generating encrypted messages/ |
This article was primarily written to point out that there is a third option available. Speaking from the prospective of the user: if you can't provide me any tangible benefit, if you are making things even a little bit less usable, then please do nothing at all. There is no crisis here. We can just keep using the existing authenticated block cipher mode. If we ended up continuing to use it indefinitely there would be no real downside. | This article was primarily written to point out that there is a third option available. Speaking from the prospective of the user: if you can't provide me any tangible benefit, if you are making things even a little bit less usable, then please do nothing at all. There is no crisis here. We can just keep using the existing authenticated block cipher mode. If we ended up continuing to use it indefinitely there would be no real downside. |
pgpfan/schism.txt · Last modified: 2024/02/11 23:32 by b.walzer