Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: =?UTF-8?Q?Arne_Vajh=C3=B8j?= <arne@vajhoej.dk>
Newsgroups: comp.os.vms
Subject: Re: BridgeWorks
Date: Tue, 23 Jul 2024 20:41:45 -0400
Organization: A noiseless patient Spider
Lines: 26
Message-ID: <v7pik9$1dvlh$1@dont-email.me>
References: <v7n59g$11h0t$1@dont-email.me>
 <memo.20240723190737.14216h@jgd.cix.co.uk> <v7pgrb$1dsq8$3@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 24 Jul 2024 02:41:46 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="5aa46971c694eb6a22b215d1e2049678";
	logging-data="1506993"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/p2EZi1RYhtEiDn1/cqG8avK0KA6hVl90="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:Ef6xwJ9e8HGHzvdGFbsqcAtYl+Y=
In-Reply-To: <v7pgrb$1dsq8$3@dont-email.me>
Content-Language: en-US
Bytes: 2006

On 7/23/2024 8:11 PM, Lawrence D'Oliveiro wrote:
> On Tue, 23 Jul 2024 19:07 +0100 (BST), John Dallman wrote:
>> In article <v7n59g$11h0t$1@dont-email.me>, ldo@nz.invalid (Lawrence
>> D'Oliveiro) wrote:
>>> The original recommendation was to stick with AES-128, and not bother
>>> with AES-192 or AES-256; as far as I know that hasn't changed.
>>
>> That very definitely depends on your use case. My first one, back in
>> about 2012, was protecting archives of source code that would still be
>> valuable now. AES-256 was a no-brainer.
> 
> The thing is, AES-256 showed signs of some weaknesses (some kind of
> collisions/congestion in the bit-swizzling somewhere) that AES-128 does
> not suffer from.

The related key attack published in 2009 only impacted AES-192 and
AES-256.

Related key attacks are interesting among cryptologists, but their
practical impact are not big - we are not supposed to use related
keys.

Arne