Is it safe to put an encrypted file on a public web server
Morten Kjærulff
mortenkjarulff at gmail.com
Thu Nov 12 15:39:47 CET 2009
Thanks. I get the point - for me, any minimal encryption would be
enough, as nobody cares about my photos of my famely.
On Wed, Nov 11, 2009 at 4:49 PM, Kevin Kammer <mephisto at fastmail.net> wrote:
> On Wed, Nov 11, 2009 at 09:01:09AM -0500
> Also sprach David Shaw:
>> AES256 is probably the best all-round choice in GPG if you want to
>> just say "strongest" and leave it at that
>
> AES 192 or AES 128 may actually be a more secure choice than AES 256,
> until they work out the following:
>
> http://www.schneier.com/crypto-gram-0908.html#8
>
> That having been said, unless a major corporation or intelligence agency
> is interested in your data, the relative "strength" of one of these
> ciphers over another are mostly academic. Almost nobody would bother
> trying to use sophisticated cryptanalytic attacks, because there are so
> many avenues of attack that are much easier, cheaper, and still very
> effective.
>
> E.G. is your computer physically guarded 24/7? If not, how do you know
> someone hasn't put a keylogger on it? Hey--it's easier than a related-
> key attack with 2^117 complexity.
>
> -Kevin
>
> --
> "Le hasard favorise l'esprit préparé."
> --Louis Pasteur
>
> _______________________________________________
> Gnupg-users mailing list
> Gnupg-users at gnupg.org
> http://lists.gnupg.org/mailman/listinfo/gnupg-users
>
More information about the Gnupg-users
mailing list