AES256 & AES192. (Was: Can I revitalise an old key-pair?)
Robert J. Hansen
rjh at sixdemonbag.org
Tue Sep 3 03:51:01 CEST 2013
> It is time for Werner, Robert, and the others to speak up.
I don't know why I need to speak up. I haven't done any serious crypto
work in almost a decade now. I am not an authority on these matters.
At best, I can give a semi-informed perspective on things -- but that's
about it.
> http://www.schneier.com/blog/archives/2009/07/another_new_aes.html
> [Note that Serpent is referenced as a backup plan. If you look
> at Bruce's 1:22 PM comment he recommends AES-128 (AES) over
> AES-256 due to the poor key-schedule for AES-256.
You're misquoting him.
"For new applications I suggest that people don't use AES-256. AES-128
provides more than enough security margin for the forseeable future.
But if you're already using AES-256, there's no reason to change."
So, my response to this is a shrug. If you're already using AES-256, go
on and keep using it: there's no reason to change.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3744 bytes
Desc: S/MIME Cryptographic Signature
URL: </pipermail/attachments/20130902/7ea3689a/attachment.bin>
More information about the Gnupg-users
mailing list