Is it safe to put an encrypted file on a public web server

Kevin Kammer mephisto at
Wed Nov 11 16:49:55 CET 2009

On Wed, Nov 11, 2009 at 09:01:09AM -0500
Also sprach David Shaw:
> AES256 is probably the best all-round choice in GPG if you want to
> just say "strongest" and leave it at that

AES 192 or AES 128 may actually be a more secure choice than AES 256,
until they work out the following:

That having been said, unless a major corporation or intelligence agency
is interested in your data, the relative "strength" of one of these
ciphers over another are mostly academic. Almost nobody would bother
trying to use sophisticated cryptanalytic attacks, because there are so
many avenues of attack that are much easier, cheaper, and still very

E.G. is your computer physically guarded 24/7? If not, how do you know
someone hasn't put a keylogger on it? Hey--it's easier than a related-
key attack with 2^117 complexity.


"Le hasard favorise l'esprit préparé."
                      --Louis Pasteur

More information about the Gnupg-users mailing list