AES256 & AES192. (Was: Can I revitalise an old key-pair?)

Robert J. Hansen rjh at
Tue Sep 3 03:51:01 CEST 2013

> It is time for Werner, Robert, and the others to speak up.

I don't know why I need to speak up.  I haven't done any serious crypto
work in almost a decade now.  I am not an authority on these matters.
At best, I can give a semi-informed perspective on things -- but that's
about it.

> [Note that Serpent is referenced as a backup plan. If you look
> at Bruce's 1:22 PM comment he recommends AES-128 (AES) over
> AES-256 due to the poor key-schedule for AES-256.

You're misquoting him.

"For new applications I suggest that people don't use AES-256.  AES-128
provides more than enough security margin for the forseeable future.
But if you're already using AES-256, there's no reason to change."

So, my response to this is a shrug.  If you're already using AES-256, go
on and keep using it: there's no reason to change.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20130902/7ea3689a/attachment.bin>

More information about the Gnupg-users mailing list