On Tue, Dec 1, 2015 at 8:55 AM, Julien Vehent wrote:
>
> AES-NI is fast enough that we shouldn't have to care:
>
> $ openssl speed -evp aes-256-gcm
> type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes
> aes-256-gcm 385250.93k 983154.24k
On 11/30/2015 12:07 PM, Julien Vehent wrote:
On 2015-11-30 12:47, Robert Relyea wrote:
I've always found the 128 bit prioritized over 256 a silly
recommendation, I support reordering.
Can you expand on why you think it is silly?
The argument went that 128 bit was 'sufficient' and there was
Julien Vehent wrote:
> The original thread [1] had a long discussion on this topic. The DJB batch
> attack redefines the landscape, but does not address the original concerns
> around AES-256 resistance. To me, the main question is to verify whether
> AES-256
On 11/25/2015 02:01 PM, April King wrote:
My colleague Julien Vehent and I are in the process of updating the
Mozilla Server Side TLS documentation:
https://wiki.mozilla.org/Security/Server_Side_TLS
One of the topics of conversation was whether or not the Modern TLS
configuration should
On 2015-11-30 12:47, Robert Relyea wrote:
I've always found the 128 bit prioritized over 256 a silly
recommendation, I support reordering.
Can you expand on why you think it is silly?
The original thread [1] had a long discussion on this topic. The DJB
batch attack redefines the landscape,
Other recommended reading when discussing this:
https://crypto.stackexchange.com/questions/5118/is-aes-256-weaker-than-192-and-128-bit-versions
https://www.schneier.com/blog/archives/2009/07/another_new_aes.html
My colleague Julien Vehent and I are in the process of updating the
Mozilla Server Side TLS documentation:
https://wiki.mozilla.org/Security/Server_Side_TLS
One of the topics of conversation was whether or not the Modern TLS
configuration should prefer AES-256 over AES-128. Recently, there
7 matches
Mail list logo