New symmetric cipher added to Firefox: Camellia

I'm pleased to announce that the nightly Firefox 3 builds now contain the Camellia cipher. The Camellia cipher was developed by researchers at NTT and Mitsubishi Electric Corporation. We expect that Camellia will be big in Japan in the coming years, and when Firefox 3 is released it will be ready to go. (At this point only developers and testers should be running Firefox 3 builds.)

We don't normally add new encryption technologies to Firefox, so this addition is rather special. In the encryption world, new is bad. Older is better. Ciphers that have been reviewed, deployed, and attacked repeatedly (and survived!) are best. To give you an idea of how rarely we add ciphers, the last symmetric cipher we added was AES in 2002.

Camellia also represents a great open source partnership. The Camellia team went to great lengths to publish their technology and to seek reviews. They provide royalty-free licenses to their patents. They worked through the IETF process to create RFCs for the TLS, IPSec, and CMS protocols. They wrote code to implement the cipher. They contributed this code to the NSS crypto libraries under the standard Mozilla tri-license. We were then able to incorporate Camellia into NSS, and then activate it in Firefox. That process took them years of hard work and diplomacy.

I am very impressed at how well the Camellia team was able to work through all these matters leading up to today's announcement. They have been a pleasure to work with! I look forward to more Firefox uptake in Japan as a result.

If you are running the nightly Firefox 3 builds, you can visit the Camellia test server and check the cipher you negotiated (Page Info): https://info.isl.ntt.co.jp/crypt/eng/camellia/index.html

Here is the bug report: https://bugzilla.mozilla.org/show_bug.cgi?id=382223

Here is the Wikipedia article: http://en.wikipedia.org/wiki/Camellia_(cipher)