27 Oct
2000
27 Oct
'00
12:07 a.m.
John Kelsey
Probably not too much, in terms of worrying about known-plaintext vs. chosen-plaintext attacks. Though honestly, I think designing your PES is like providing really effective padlocks for screen doors. (But you could say the same thing about AES with 256-bit keys.)
I agree on both counts. But I can see another use for larger keys than resisting brute force attack: they increase the difficulty of attacks on protocols and constructions based on inducing collisions in keys. -- __ \/ o\ paul@cluefactory.org.uk /\__/ http://www.cluefactory.org.uk/paul/