The successful attacks were on reduced-round versions of the algorithm, not on the current implementations. The article was mostly informative for crypto geeks as a state-of-the-art. The practical advice for end-users would be to stick with the defaults for now.
Joe On Wednesday, August 19, 2009, at 06:28AM, "Kevin Hilton" <kevhil...@gmail.com> wrote: >Although I usually get a wide range of responses, is there any >practical advice an end-user should take away from the recent AES256 >attacks as described >here:http://www.schneier.com/blog/archives/2009/07/another_new_aes.html? > Should I continue to use AES256 (double AES) or default to single AES >or simply default back to 3DES, or just sit tight? Although I found >the article interesting (not sure if I understood a lot of the blog >comments), is there any practical advice I should take away from it as >it relates to GnuPG? > >-- >Kevin Hilton > >_______________________________________________ >Gnupg-users mailing list >Gnupg-users@gnupg.org >http://lists.gnupg.org/mailman/listinfo/gnupg-users > > _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users