ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

AES-256 vs AES-128 (Re: Suggested DER Prefixes)

2003-05-30 12:48:45
from [Adam Back] [Permanent Link] 

On Thu, May 29, 2003 at 12:55:29PM -0400, Derek Atkins wrote:

"Jeroen C. van Gelderen" <jeroen(_at_)vangelderen(_dot_)org> writes:

           In fact, there are those who feel safer with AES
at 128 than at256.


[...]

I certainly did not say "less secure", did I?  It's certainly
much SLOWER, and certainly is not MORE secure... 


Actually it may be more secure; AES-256 has more rounds to offer a
more conservative security margin because the key is longer.  If half
of the key is unused, the extra rounds can only help.

So it is either as strong (if AES-128 truly offers 128 bits of
security), or stronger; but not "certainly is not MORE secure..."

Adam
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Use of the term "notarised signature"?, Jon Callas
Next by Date:  Re: AES-256 vs AES-128 (Re: Suggested DER Prefixes), Derek Atkins
Previous by Thread:  AES-128 (was Re: Suggested DER Prefixes), Mike Markowitz
Next by Thread:  Re: AES-256 vs AES-128 (Re: Suggested DER Prefixes), Derek Atkins
Indexes:  [Date] [Thread] [Top] [All Lists]