On Tue, 17 Mar 2015 15:44:47 -0400 Robert J. Hansen wrote: > [*] As I read the tea leaves, I'm more convinced of AES256's long-term > strength than I am of AES128's. However, the idea that either one of > them is somehow 'weak' is just ludicrous. If you use AES128, don't > panic. :)
I remember reading about an attack that works better against AES-256 than AES-128: https://www.schneier.com/blog/archives/2009/07/another_new_aes.html Bruce Schneier wrote: > And for new applications I suggest that people don't use AES-256. > AES-128 provides more than enough security margin for the forseeable > future. But if you're already using AES-256, there's no reason to > change. I am not qualified to argue for or against either cipher, but I wonder if this advice from 2009 is still valid today. René _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users