Defaults
René Puls
rpuls at kcore.de
Tue Mar 17 22:23:24 CET 2015
On Tue, 17 Mar 2015 15:44:47 -0400 Robert J. Hansen wrote:
> [*] As I read the tea leaves, I'm more convinced of AES256's long-term
> strength than I am of AES128's. However, the idea that either one of
> them is somehow 'weak' is just ludicrous. If you use AES128, don't
> panic. :)
I remember reading about an attack that works better against AES-256
than AES-128:
https://www.schneier.com/blog/archives/2009/07/another_new_aes.html
Bruce Schneier wrote:
> And for new applications I suggest that people don't use AES-256.
> AES-128 provides more than enough security margin for the forseeable
> future. But if you're already using AES-256, there's no reason to
> change.
I am not qualified to argue for or against either cipher, but I wonder
if this advice from 2009 is still valid today.
René
More information about the Gnupg-users
mailing list