Re: Announce loop-AES-v1.3b file crypto package

[Mike Touloumtzis <miket@bluemug.com>]

On Thu, Jul 12, 2001 at 01:01:52AM +0200, peter k. wrote:
> 
> it would be also interesting to know the differences between AES,
> AES128 AES256, etc and it would be a good idea to include some kind of
> list [in our future fixed I-patch] with all ciphers compared on, for
> example, how long it will take to decrypt them with ASCI White, how
> fast they are, etc

As far as is known by the public cryptographic community, none of
the AES variants can be broken, so the attacker must do a brute
force search of a keyspace with at least 2^128 values.

Even a 128 bit brute force search (the smallest key size of any
AES variant) is far beyond the capabilities of any supercomputer
in existence.  Ability to break a 128 bit cipher in our lifetimes
will take a revolution in technology, not just improvements to the
current tech.

AES128 (the fastest AES variant) is less than twice as fast as AES256
(the slowest AES variant).  A recent desktop (say, PIII 1GHz) should
be able to do AES256 at more than 100Mbit/s.

If you want a list of "good" (i.e. currently considered unbreakable
by anyone on earth, now or in the foreseeable future) symmetric
encryption algorithms, install GnuPG, run 'gpg --version', and look
at the 'Cipher:' line.  This list omits some algorithms like IDEA
that are patented and thus unimplemented in GnuPG.

miket

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/