From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.saout.de ([127.0.0.1]) by localhost (mail.saout.de [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id okjUejcOja6W for ; Fri, 4 Jan 2013 21:56:33 +0100 (CET) Received: from mail-ee0-f53.google.com (mail-ee0-f53.google.com [74.125.83.53]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.saout.de (Postfix) with ESMTPS for ; Fri, 4 Jan 2013 21:56:32 +0100 (CET) Received: by mail-ee0-f53.google.com with SMTP id c50so8030973eek.26 for ; Fri, 04 Jan 2013 12:56:32 -0800 (PST) Message-ID: <50E741FB.6050000@gmail.com> Date: Fri, 04 Jan 2013 21:56:27 +0100 From: Milan Broz MIME-Version: 1.0 References: <50DF635C.90003@gmail.com> <50E6C1EC.1000307@gmail.com> <50E6C2B6.30505@ramses-pyramidenbau.de> <50E6C899.2060407@gmail.com> <20130104162652.GB22218@tansi.org> <20130104202025.GA23856@fancy-poultry.org> In-Reply-To: <20130104202025.GA23856@fancy-poultry.org> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Subject: Re: [dm-crypt] Switch to XTS mode for LUKS in cryptsetup in 1.6.0 (Was Re: [ANNOUNCE] cryptsetup 1.6.0-rc1) List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: dm-crypt@saout.de On 01/04/2013 09:20 PM, Heinz Diehl wrote: > On 04.01.2013, Arno Wagner wrote: > >> I think the current state is that in absolute terms AES256 is at >> least as secure than AES128, but maybe not more so. > > What's behind the "maybe", actually? Are there any serious attacks > that can be carried out practically which reduces AES-256 to the > strength of AES-128? Or are those weaknesses only of theoretical > nature? I think it is about related key attacks, I will better not try to interpret the papers. There is a nice summary: http://www.schneier.com/blog/archives/2009/07/another_new_aes.html Milan