On 01/04/2013 09:20 PM, Heinz Diehl wrote: > On 04.01.2013, Arno Wagner wrote: > >> I think the current state is that in absolute terms AES256 is at >> least as secure than AES128, but maybe not more so. > > What's behind the "maybe", actually? Are there any serious attacks > that can be carried out practically which reduces AES-256 to the > strength of AES-128? Or are those weaknesses only of theoretical > nature? I think it is about related key attacks, I will better not try to interpret the papers. There is a nice summary: http://www.schneier.com/blog/archives/2009/07/another_new_aes.html Milan _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
