From: Arne Vajhøj on 27 Jul 2008 20:50 Kenneth P. Turvey wrote: > On Sat, 21 Jun 2008 23:26:10 -0400, Arne Vajhøj wrote: >>> Yeah, use triple DES. It has just as good security (potentially >>> better) and is supported. Its only disadvantage is that it is slower. >> 3DES is not potentially better than AES. >> >> With long keys AES is better than 3DES. > > And with short keys it is roughly equivalent. There are a number of > concerns about the security of AES that don't exist for 3DES. Given that > the security of these ciphers is really a matter of making it more > expensive for someone to break the security than to find other ways of > getting the information, whether AES is better than 3DES really depends > on what you are securing. > > The key length of AES may be set to 128 bits. The key length of 3DES is > 112 bits. Given that there are suspected weaknesses in AES that may > reduce the real key length it _may_ be that 3DES is better than AES. We > probably won't know for sure for decades. AES can be used with 128/192/256 bits. 3DES is 168 bit (with security equivalent to 112 bit it is claimed). AES is approved by NSA for secret information with 128/192/256 and top secret with key size 192/256 (if they review the implementation). 3DES is not. I think there is every indication that AES is significantly better than 3DES. And the industry trend is very clear - there is a switch from 3DES to AES (even though it will take a long time before the last 3DES app is gone). > The reality is that for the kinds of data the poster was looking to > encrypt, i.e. the kind of data you ask people on USENET how to encrypt, > 3DES is just as good as AES. If you also take into account the fact that > it is easily supported by the API then it makes it a win. The Java API for 3DES and AES is the exact same, so I can not follow that argument. Arne
|
Pages: 1 Prev: Problem wid eclipse.. Next: Swing library (jp.gr.java_conf.tame.swing.table) jar file needed |