Can you keep a secret? This encrypted drive can...
Derek Atkins
warlord at MIT.EDU
Mon Nov 6 18:28:14 EST 2006
Quoting "Leichter, Jerry" <leichter_jerrold at emc.com>:
> | ...Compusec is great for home / personal use. It is cheap i.e. $0.00
> | (Free), and does not slow down the computer as much as the other
> | products. But that is because it only support 128 bit AES, which is a
> | major drawback as most enterprise settings require at least 256 bit
> | AES....
> Just wondering about this little piece. How did we get to 256-bit
> AES as a requirement? Just what threat out there justifies it?
> There's no conceivable brute-force attack against 128-bit AES as far
> out as we can see, so we're presumably begin paranoid about an analytic
> attack. But is there even the hint of an analytic attack against AES
> that would (a) provide a practical way in to AES-128; (b) would not
> provide a practical way into AES-256? What little I've seen in the
> way of proposed attacks on AES all go after the algebraic structure
> (with no real success), and that structure is the same in both
> AES-128 and AES-256.
It's a management requirement. The manager sees "AES128" and "AES256"
and thinks "256 must be better than 128" and therefore the edict comes
down that AES256 must be used. It's not a technical decision. It's
not a decision made by analyzing the threats. It's made purely
by assertion, but it's a decision that can't easily be refuted.
> -- Jerry
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord at MIT.EDU PGP key available
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list