AES128 or AES256 by default?

Nikos Mavrogiannopoulos nmav at
Fri May 16 07:23:36 CEST 2008

Simon Josefsson wrote:
> There is a debian bug:
> Which asks that we make AES-256 the default preferred cipher.  Right now
> AES-128 is the default preferred cipher.  Of course, today AES-256 is
> supported as well (it is the second preferred default cipher).
> What do people think here?

I also see no reason. Increasing the key size from 128bits to 256bits,
does not offer any additional security (given of course that AES is not
broken in other ways).

More information about the Gnutls-devel mailing list