On Fri, Jan 03, 2014 at 12:19:10AM +0100, Aaron Zauner wrote: > > > 3DES isn't broken. > Triple DES provides about 112bit security (We've a section on the topic in > the Paper in the Keylenghts section). All ciphers that we > recomend are at least at 128bit security.
The document doesn't seem to say that it's trying to reach a 128 bit security level over the whole chain. It seems to be happy with 2048 bit RSA keys. They also provide 112 bit security. If you really want to go for 128 bit, you need to have the RSA keys of at least something in the order of 3072 bit. If 2048 is fine, 3DES is fine. Kurt -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto