scanoss / crypto_algorithms_open_dataset

2 stars 1 forks source link

CAST SecurityStrength is not correct #25

Open toscalix opened 4 months ago

toscalix commented 4 months ago

Description

CAST algorithms appears with a SecurityStrength '320'

Link: https://github.com/scanoss/crypto_algorithms_open_dataset/blob/main/definitions_crypto_algorithms/list_definitions_crypto_algorithms/cast.yaml

when it can also have 128 ad 256 which are more common. In fact, you can find CAST-128 (or CAST5) and CAST-256 as algorithms all over the place.

Suggestion

We have two ways to deal with this:

References

References:

toscalix commented 2 months ago

This discussion will now be developed in the SPDX cryptographic list. We will inherit whatever conclusion they make, although most likely the solution is

We define CAST as the algorithm and then we provide different SecurityStrength