On Fri, 30 May 2003 19:48:34 -0400, John Wilkinson said:
If the choice for standardization is between AES-128 and AES-256, and
the sole criterion is algorithm strength, I would recommend AES-256,
It doesn't get you anything to double the length of the key if at the
same time you need to make tradeoffs in choosing the quality of the
random numbers. Entropy is a scare resource and one should take
caution for what to spend it.
I am sure that the strength of any OpenPGP algorithm is far away rom
beein the weakes link in a OpenPGP cryptosystem. The probability of
bugs in the software is much higher than any weakness in an algorithm.
That is what a cryptoplumber should to take care about, unless the
marketing departments gets involved ;-)
Shalom-Salam,
Werner
--
Nonviolence is the greatest force at the disposal of
mankind. It is mightier than the mightiest weapon of
destruction devised by the ingenuity of man. -Gandhi