[Info-vax] BridgeWorks
Arne Vajhøj
arne at vajhoej.dk
Tue Jul 23 20:41:45 EDT 2024
On 7/23/2024 8:11 PM, Lawrence D'Oliveiro wrote:
> On Tue, 23 Jul 2024 19:07 +0100 (BST), John Dallman wrote:
>> In article <v7n59g$11h0t$1 at dont-email.me>, ldo at nz.invalid (Lawrence
>> D'Oliveiro) wrote:
>>> The original recommendation was to stick with AES-128, and not bother
>>> with AES-192 or AES-256; as far as I know that hasn't changed.
>>
>> That very definitely depends on your use case. My first one, back in
>> about 2012, was protecting archives of source code that would still be
>> valuable now. AES-256 was a no-brainer.
>
> The thing is, AES-256 showed signs of some weaknesses (some kind of
> collisions/congestion in the bit-swizzling somewhere) that AES-128 does
> not suffer from.
The related key attack published in 2009 only impacted AES-192 and
AES-256.

Related key attacks are interesting among cryptologists, but their
practical impact is not big - we are not supposed to use related
keys.

Arne