Patch add support for different algorithms in the agent private key storage

Robert J. Hansen rjh at
Thu Feb 21 02:23:52 CET 2013

On 02/20/2013 07:11 PM, Laila Vrazda wrote:
> Very well, theoretically AES-256 is less secure than AES-192.

The current best attack on AES-256 maxes out at 11 rounds; the full
AES-256 has 14 rounds.  Nobody's ever demonstrated that full AES-256 is
easier to break than AES-192; and even if they had, it would still be a
nonissue.  "Theoretically, a reduced-round AES-256 is less secure than a
reduced-round AES-192" would be more accurate, and as the sentence gets
more accurate it seems to become less relevant.

Besides, cryptosystems very rarely fail as the result of cryptologic
flaws.  It's so rare I'm having a hard time thinking of any off the top
of my head; WEP fell to an implementation defect in RC4, SSL had
problems with side channels, there are a lot of systems that have fallen
to timing attacks, and so on.  But I'm scratching my head here trying to
think of the last time a system fell to cryptanalysis.  The DVD Content
Scrambling System, maybe?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 252 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20130220/bac19d6f/attachment-0001.pgp>

More information about the Gnupg-users mailing list