* [dm-crypt] Latest attacks on AES-256: AES key size
@ 2009-08-01 11:33 Ulrich Lukas
0 siblings, 0 replies; only message in thread
From: Ulrich Lukas @ 2009-08-01 11:33 UTC (permalink / raw)
To: dm-crypt
Hi,
regardless of the two requirements of related keys and the reduced
number of rounds in the latest attacks against AES-256, as Bruce
Schneier describes in his blog:
http://www.schneier.com/blog/archives/2009/07/another_new_aes.html
I have a question because Schneier points out that AES-256 uses a
"pretty lousy" key schedule.
In the second to last paragraph, he suggests that people should use
AES-128 instead, which "provides more than enough security margin for
the forseeable future".
My question is, also regarding performance issues, if this should be an
indication for users of dm-crypt, that AES-128 is a better choice than
AES-256.
Does the related-key scenario for the exploit come into play in case
there are storage arrays with multiple dm-crypt volumes?
Regards,
Ulrich
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-08-01 11:33 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-08-01 11:33 [dm-crypt] Latest attacks on AES-256: AES key size Ulrich Lukas
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.