[Discuss] KeePassX
Edward Ned Harvey (blu)
blu at nedharvey.com
Wed Aug 14 09:38:54 EDT 2013
> From: discuss-bounces+blu=nedharvey.com at blu.org [mailto:discuss-
> bounces+blu=nedharvey.com at blu.org] On Behalf Of Kent Borg
>
> Bruteforcing
> 128-bits is impossible. Bruteforcing 256-bits is 128-bits times as
> impossible.
Careful here. Someday, there might exist a perfect block cipher, but at present, all known block ciphers (including AES) suffer from the even-vs-odd permutation problem, which means, that a cipher with 128 bit key is only as strong as an ideal cipher with 64 bits. If you want 128 bit strength (BigO 2^128 operations to brute force attack), you have to use the 256 bit key.
I don't have a reference I can point you to on the internet. I read this in Cryptography Engineering (Schneier, Ferguson, Kohno).
More information about the Discuss
mailing list