gnupg website

Werner Koch wk at gnupg.org
Thu Jan 26 18:05:05 CET 2017


On Wed, 25 Jan 2017 23:33, rjh at sixdemonbag.org said:

> That's the sort of thing that causes a lot of crypto nerds to twitch and
> mutter "rekey, rekey".

For example OpenSSH does a rekeying not later than 4 GiByte even for 128
bit block length ciphers.

The block length problem has been known for as long as we have used block
ciphers.  Despite the fact that there are practical solutions for most problem domains
(i.e. rekeying) the new standard cipher contest (which led to AES) was
started back in the last millennium.  One explicit goal was to
standardize on a 128 bit block length cipher to stop thinking about this
problem.

I tried to explain in my first reply that there is no real problem in
sweet32.  The real problem is allowing arbitrary code to run on your
machine - Javascript is the simple attack vector to exploit bugs in the
client software.  Why generate incredibly huge amounts of traffic for
each individual target when you can also write an exploit which works on
a large percentage of all clients?


Shalom-Salam,

   Werner

-- 
Thoughts are free.  Exceptions are regulated by a federal law.
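
Added example, not part of the original message: a short Python calculation of the birthday-bound collision probability behind the rekeying discussion above, for 64 bit and 128 bit block lengths, using the 4 GiByte figure mentioned in the message. It assumes cipher output blocks behave like uniformly random values; the function names and the toy 16 bit simulation are constructed for illustration.

```python
import math
import random

GIB = 2 ** 30

def collision_probability(block_bits: int, data_bytes: int) -> float:
    """Birthday approximation: P ~= 1 - exp(-n(n-1) / 2^(b+1)) for n blocks."""
    n = data_bytes // (block_bits // 8)
    return -math.expm1(-n * (n - 1) / 2.0 ** (block_bits + 1))

def rekey_limit_bytes(block_bits: int, max_probability: float) -> int:
    """Largest data volume under one key that keeps P below max_probability."""
    # Solve n^2 / 2^(b+1) = -ln(1 - p) for n, then convert blocks to bytes.
    n = math.sqrt(-math.log1p(-max_probability) * 2.0 ** (block_bits + 1))
    return int(n) * (block_bits // 8)

def simulate(block_bits: int, n_blocks: int, trials: int, seed: int = 1) -> float:
    """Empirical collision rate for uniformly random blocks (toy sizes only)."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        seen = set()
        for _ in range(n_blocks):
            v = rng.getrandbits(block_bits)
            if v in seen:
                hits += 1
                break
            seen.add(v)
    return hits / trials

def report() -> None:
    """Print collision odds per key for a few data volumes and block lengths."""
    for bits in (64, 128):
        for gib in (4, 32, 1024):
            p = collision_probability(bits, gib * GIB)
            print(f"{bits:3d} bit block, {gib:5d} GiB under one key: P = {p:.3e}")
        limit = rekey_limit_bytes(bits, 1e-6)
        print(f"{bits:3d} bit block, rekey before {limit:.3e} bytes for P <= 1e-6")
    # Sanity check of the formula against a simulation at a toy block size.
    print("16 bit toy: formula", round(collision_probability(16, 512), 3),
          "simulated", simulate(16, 256, 4000))

if __name__ == "__main__":
    report()
```
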