| 1 |
On Fri, 2008-02-29 at 22:31 -0500, Mansour Moufid wrote: |
| 2 |
> On Fri, Feb 29, 2008 at 9:37 PM, Steffen Schulz <pepe_ml@×××.net> wrote: |
| 3 |
> > 128bit are considered secure for the next several years. |
| 4 |
> > |
| 5 |
> |
| 6 |
> On that subject, the CSEC (Communications Security Establishment |
| 7 |
> Canada) publishes an updated summary of safe key cryptoperiods for |
| 8 |
> different algorithms [1] which I like to use a reference. |
| 9 |
> |
| 10 |
> Sincerely, |
| 11 |
> Mansour Moufid |
| 12 |
> |
| 13 |
> [1] http://www.cse-cst.gc.ca/services/crypto-services/crypto-algorithms-e.html |
| 14 |
|
| 15 |
"The use of HMAC with SHA-1 shall be discontinued by the end of 2010." |
| 16 |
|
| 17 |
Sounds like there is work to do for the cryptsetup-luks developers... |
| 18 |
|
| 19 |
One last thing: Serpent doesn't seem to loose performance when used with |
| 20 |
larger keys, still 28MB/s with 256bit keys. |
Archives