Welcome Guest.   Make a donation to an author on the site September 30, 2014, 03:01:50 PM  *

Please login or register.
Or did you miss your validation email?


Login with username and password (forgot your password?)
Why not become a lifetime supporting member of the site with a one-time donation of any amount? Your donation entitles you to a ton of additional benefits, including access to exclusive discounts and downloads, the ability to enter monthly free software drawings, and a single non-expiring license key for all of our programs.


You must sign up here before you can post and access some areas of the site. Registration is totally free and confidential.
 
The N.A.N.Y. Challenge 2011! Download 30+ custom programs!
   
   Forum Home   Thread Marks Chat! Downloads Search Login Register  
Pages: [1]   Go Down
  Reply  |  New Topic  |  Print  
Author Topic: AES-256 less secure than AES-128  (Read 4716 times)
gjehle
Member
**
Posts: 285



lonesome linux warrior

see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« on: August 01, 2009, 07:48:19 AM »



This just in from #mircryption
I'll just quote it here since lizzy didn't want to sign up just for that:

Quote
123446 <lizzy_> hi guys
123504 <lizzy_> we have a BIG problem, at the Pre-panic stage:
123523 <lizzy_> look at today's slashdot.org
123550 <lizzy_> Cryptography is all about safety margins. If you can break n round of a cipher, you design it with 2n or 3n rounds. What we're learning is that the safety margin of AES is much less than previously believed. And while there is no reason to scrap AES in favor of another algorithm, NST should increase the number of rounds of all three AES variants -- now, before there is a reason to panic.
123614 <lizzy_> At this point, I suggest AES-128 at 16 rounds, AES-192 at 20 rounds, and AES-256 at 28 rounds. Of maybe even more; we don't want to be revising the standard again and again.
123614 <lizzy_> And, even more strongly, I suggest that people don't use AES-256. AES-128 provides more than enough security margin for the forseeable future.
123614 <lizzy_> Schneier on Security: Another New AES Attack (1 August 2009)
123614 <lizzy_> http://www.schneier.com/b...9/07/another_new_aes.html
123614 <lizzy_> http://snipurl.com/ogstr
124102 <lizzy_> ..
124143 <lizzy_> i also propose that the number of rounds used be shown ,eg: AES256-16
125559 <lizzy_> see also: slashdot.org
Logged
mouser
First Author
Administrator
*****
Posts: 33,418



see users location on a map View Profile WWW Read user's biography. Give some DonationCredits to this forum member
« Reply #1 on: August 01, 2009, 07:59:03 AM »

fascinating stuff.
Logged
Crush
Member
**
Posts: 399



Hello dude!

see users location on a map View Profile Read user's biography. Give some DonationCredits to this forum member
« Reply #2 on: August 01, 2009, 08:31:19 AM »

 Grin  Use the Crush Cryptonizer and you can decide how many rounds and key-lengths shall be used for encryption. If you wish to make 5.000.000 rounds on a key with the length of 1 MB or several GB ... no problem!
« Last Edit: August 01, 2009, 08:33:22 AM by Crush » Logged
housetier
Charter Honorary Member
***
Posts: 1,321


see users location on a map View Profile Give some DonationCredits to this forum member
« Reply #3 on: August 01, 2009, 09:55:22 PM »

I heard this as well from a friend who knows the crypty stuff. He also assured me to use aes-128 over aes-256.
Logged
Pages: [1]   Go Up
  Reply  |  New Topic  |  Print  
 
Jump to:  
   Forum Home   Thread Marks Chat! Downloads Search Login Register  

DonationCoder.com | About Us
DonationCoder.com Forum | Powered by SMF
[ Page time: 0.029s | Server load: 0.07 ]