On Thu, Jul 12, 2001 at 01:01:52AM +0200, peter k. wrote: > > it would be also interesting to know the differences between AES, > AES128 AES256, etc and it would be a good idea to include some kind of > list [in our future fixed I-patch] with all ciphers compared on, for > example, how long it will take to decrypt them with ASCI White, how > fast they are, etc As far as is known by the public cryptographic community, none of the AES variants can be broken, so the attacker must do a brute force search of a keyspace with at least 2^128 values. Even a 128 bit brute force search (the smallest key size of any AES variant) is far beyond the capabilities of any supercomputer in existence. Ability to break a 128 bit cipher in our lifetimes will take a revolution in technology, not just improvements to the current tech. AES128 (the fastest AES variant) is less than twice as fast as AES256 (the slowest AES variant). A recent desktop (say, PIII 1GHz) should be able to do AES256 at more than 100Mbit/s. If you want a list of "good" (i.e. currently considered unbreakable by anyone on earth, now or in the foreseeable future) symmetric encryption algorithms, install GnuPG, run 'gpg --version', and look at the 'Cipher:' line. This list omits some algorithms like IDEA that are patented and thus unimplemented in GnuPG. miket Linux-crypto: cryptography in and on the Linux system Archive: http://mail.nl.linux.org/linux-crypto/
