On Jan 5, 2014, at 4:27 PM, Kurt Roeckx <k...@roeckx.be> wrote: > On Fri, Jan 03, 2014 at 12:19:10AM +0100, Aaron Zauner wrote: >> >>> 3DES isn't broken. >> Triple DES provides about 112bit security (We've a section on the topic in >> the Paper in the Keylenghts section). All ciphers that we >> recomend are at least at 128bit security. > > The document doesn't seem to say that it's trying to reach a 128 > bit security level over the whole chain. It seems to be happy > with 2048 bit RSA keys. They also provide 112 bit security. > True, that's inconsistent. I'll put it to the TODO list.
> If you really want to go for 128 bit, you need to have the RSA > keys of at least something in the order of 3072 bit. If 2048 > is fine, 3DES is fine. > > > Kurt > > _______________________________________________ > Ach mailing list > a...@lists.cert.at > http://lists.cert.at/cgi-bin/mailman/listinfo/ach --- // L. Aaron Kaplan <kap...@cert.at> - T: +43 1 5056416 78 // CERT Austria - http://www.cert.at/ // Eine Initiative der nic.at GmbH - http://www.nic.at/ // Firmenbuchnummer 172568b, LG Salzburg
signature.asc
Description: Message signed with OpenPGP using GPGMail
-- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto