[tahoe-dev] usage of key file or smart card?

Stefan Xenon stefanxe at gmx.net
Tue Nov 24 13:53:29 PST 2009


Sam Mason schrieb:
> On Sun, Nov 22, 2009 at 06:20:07PM +0100, Stefan Xenon wrote:
>> A) increase the key length (e.g. AES-265) 
> 
> I think that would make matters worse.  AFAIK, AES-128 is considered to
> be *stronger* than AES-256 these days.  A somewhat recent summary that I
> found:
> 
>   http://www.schneier.com/blog/archives/2009/07/another_new_aes.html
> 
>> or allow the choice between
>> more algorithms and key lengths in general (user configured).
> 
> Difficult; the caps/urls are getting pretty long already how would you
> encode this while not making them unmanageable?  Also, client support
> becomes a non-trivial issue.

In the middle term we have to replace AES-128 anyway. Don't get me
wrong, there is no problem with it at the moment. But also we know that
no encryption algorithm lasts forever.

The caps don't have to get longer by allowing different algorithms. One
additional byte may be required to signalize which algorithm is used. As
long as the key length isn't increased, the cap's length is not
increased as well.

Definitely clients need to support any algorithm which the system
allows. Nowadays good cryptographic libraries exist which simplify the
implementation enormous.

I don't think any mature system--which has security as a central
feature--can stick with a single algorithm because it doesn't fit for
any purpose/usage. See OpenPGP, TLS/X.509, True Crypt, dm-crypt: All of
them allow various algorithms and key lengths.

Regards
Stefan


More information about the tahoe-dev mailing list