1 |
On Fri, 2008-02-29 at 22:31 -0500, Mansour Moufid wrote: |
2 |
> On Fri, Feb 29, 2008 at 9:37 PM, Steffen Schulz <pepe_ml@×××.net> wrote: |
3 |
> > 128bit are considered secure for the next several years. |
4 |
> > |
5 |
> |
6 |
> On that subject, the CSEC (Communications Security Establishment |
7 |
> Canada) publishes an updated summary of safe key cryptoperiods for |
8 |
> different algorithms [1] which I like to use a reference. |
9 |
> |
10 |
> Sincerely, |
11 |
> Mansour Moufid |
12 |
> |
13 |
> [1] http://www.cse-cst.gc.ca/services/crypto-services/crypto-algorithms-e.html |
14 |
|
15 |
"The use of HMAC with SHA-1 shall be discontinued by the end of 2010." |
16 |
|
17 |
Sounds like there is work to do for the cryptsetup-luks developers... |
18 |
|
19 |
One last thing: Serpent doesn't seem to loose performance when used with |
20 |
larger keys, still 28MB/s with 256bit keys. |