256-bit keys (was Re: Paranoid Encryption Standard)
Paul Crowley
paul at cluefactory.org.uk
Wed Oct 25 02:58:46 PDT 2000
John Kelsey <kelsey.j at ix.netcom.com> writes:
> Probably not too much, in terms of worrying about
> known-plaintext vs. chosen-plaintext attacks. Though
> honestly, I think designing your PES is like providing
> really effective padlocks for screen doors. (But you could
> say the same thing about AES with 256-bit keys.)
I agree on both counts. But I can see another use for larger keys
than resisting brute force attack: they increase the difficulty of
attacks on protocols and constructions based on inducing collisions in
keys.
--
__
\/ o\ paul at cluefactory.org.uk
/\__/ http://www.cluefactory.org.uk/paul/
More information about the cypherpunks-legacy
mailing list