s2k-cipher-mode default

NdK ndk.clanbo at gmail.com
Wed Jun 3 00:15:21 CEST 2015

Il 02/06/2015 20:37, Daniel Kahn Gillmor ha scritto:

> But if we move to AES-256, we remove this attack, which means
> that none of our users get thrown under this particular bus.
What if by changing to AES-256 you end up saving one from the bus by
throwing all users under the train?

IIRC, I read (some years ago...) that AES-256 could be *weaker* than
AES-128 because some mathematical structures express some properties
only with the longer keys. I don't have the paper handy ATM, but I
vaguely remember that shocking conclusion.


More information about the Gnupg-users mailing list