s2k-cipher-mode default
Werner Koch
wk at gnupg.org
Tue Jun 2 20:38:13 CEST 2015
On Tue, 2 Jun 2015 19:25, dkg at fifthhorseman.net said:
>> I am fine to switch to AES-128 for 2.0 too.
>
> Any reason to avoid it for the 1.4 branch?
Can be done.
> This is the case for symmetric backups. For secret key protection, the
> time difference is negligible compared to things like passphrase entry.
Secret key protection does not require that strength. Do you really
thing anyone is using a passphrase (intended to be memorized) with more
than 128 bit of entropy?
Anywa, I won't care whether this is AES-256 or AES-128 - implementation
wise it does not make a real difference to implement one or both.
> As you say, CPU is not the bottleneck on modern systems dealing with
> this kind of data, either large or small. So why not move to stronger
Why using cycles and energy without a reason?
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gnupg-devel
mailing list