[6118] in cryptography@c2.net mail archive
Re: AES design questions
daemon@ATHENA.MIT.EDU (Enzo Michelangeli)
Tue Nov 23 20:31:20 1999
Message-ID: <004601bf360a$0d027160$30cf54ca@home>
Reply-To: "Enzo Michelangeli" <enzom@bigfoot.com>
From: "Enzo Michelangeli" <em@who.net>
To: <cypherpunks@algebra.com>, "David Honig" <honig@sprynet.com>
Cc: <cryptography@c2.net>
Date: Wed, 24 Nov 1999 07:24:50 +0800
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Quantum computers, if they will ever be built, will halve the effective
keylength by bruteforcing in the sqrt() of the time required by a classical
machine.
Enzo
----- Original Message -----
From: David Honig <honig@sprynet.com>
To: <cypherpunks@algebra.com>
Cc: <cryptography@c2.net>
Sent: Tuesday, November 23, 1999 11:28 PM
Subject: AES design questions
>
> 1. Why does AES require 128 bit blocks? Any other reason
> than to make ECB codebook attacks tougher?
>
> 2. Why does AES require >128 bit keylength support? 2^128
> is not practically breakable. What am I missing? Is this
> simple "overengineering" aka "safety margins" (plus "bits are cheap, but
> not so cheap that using minimal-128 isn't worth it
> sometimes")?
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
