> Have people given thought to the private key encryption methods in light of potential quantum attacks? The current consensus is that quantum attacks are largely ineffective against modern ciphers (including AES). Once upon a time, it was thought that symmetric key sizes would need to be doubled (i.e.: 256- bit AES would have the equivalent strength of 128-bit), but further studies suggested this not to be true. Instead, it seems that a 128- bit AES key would just have a couple bits of security knocked off. Sorry, I don't have any references off-hand about this, but I'm sure someone can chime in with some... - Joe _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev