[Ach] General agreement on cipher and hash strength and choice

Philipp Gühring pg at futureware.at
Mon Nov 25 14:19:53 CET 2013


From my point of view, there is no clear preference regarding AES128 vs.
AES256 from the security point of view, it depends on your subjective
Therefore, I don't mind that we aren't consistent in a preference at the
moment regarding AES128 vs. AES256.

Regarding SHA256 vs. SHA512, I think SHA512 is likely more secure than
SHA256, but both are acceptable at the moment.
Regarding RSA, my current suggestion is to use 4096 for long-term keys
like root-certificates, and to use 2048 bits for normal applications.

Best regards,
Philipp Gühring

-----Original Message-----
From: <Daniel.Kovacic at a-trust.at>
To: <ach at lists.cert.at>
Date: Sun, 24 Nov 2013 17:49:54 +0000
Subject: [Ach] General agreement on cipher and hash strength and choice

> Hi,
> I am currently revising the gpg (cipher suite) section and I noticed
> that we are very inconsistent in ordering ciphers and hashes in our
> configs. Especially AES{128|256}, SHA{256|512} etc attracted me. To be
> precise we have no consensus whether we prefer aes128 over aes256,
> sha256 over sha512 and so on. Same with RSA key length. I personally
> don't like that and I think we should get to an agreement here. I prefer
> recommending the most compatible, widespread, fastest etc algorithm we
> agree on being absolutely recommendable at the point of writing. So I
> would always list aes128 before aes256 and sha256 before sha512 per
> default. I also think that just preferring the bigger numbers for the
> sake of being bigger looks a bit dubious and one who reads rsa 4096
> might ask 'why?'
> best regards
> Daniel
> PS.: Sorry, if this message arrives multiple times. Something here in
> our outlook is tricking me :-/