Re: 256-bit vs 512-bit strength security

To: Ralph Weber <roweber@IEEE.org>
Cc: owner-t10@t10.org, "'t10@t10.org'" <t10@t10.org>
Subject: Re: 256-bit vs 512-bit strength security
From: Kevin D Butt <kdbutt@us.ibm.com>
Date: Thu, 13 Sep 2007 11:20:01 -0700
X-Message-Number: 8066
Formatted message: HTML-formatted message

All,
I would like to share what Hugo Krawczyk, one of IBM's cryptographers has 
shared with me.
<<
The 256-strength suite is total overkill.
There is no need to use AES with 256-bit key today or SHA-512.
Of course, the 128-bit suite may be broken next month (or in 5 years) but 
the same is possible 
for the 256-bit suite. Actually, who said 500-bit EC will not turn out to 
have only 128 bit of security in a 
breakthrough cryptanalysis in 5-10 years (or next month)?
Given the information we have today, the 128-bit suite is good enough for 
almost all commercial applications.
If you need security of your data for the next 50 years you may consider 
going to a stronger suite, but then 
(again) who said that the 256-bit will suffice? (for 50 year security I 
recommend sending it inside a physical safe :)
The only reason I see now for going for a 256-bit suite is to promote ECC.
That may or may not be a good idea, but it should be clear that that's the 
only relevant reason for this suite.
Hugo
>>
Thanks,
Kevin D. Butt
SCSI & Fibre Channel Architect, Tape Firmware
MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
Tel: 520-799-2869 / 520-799-5280
Fax: 520-799-2723 (T/L:321)
Email address: kdbutt@us.ibm.com
http://www-03.ibm.com/servers/storage/ 
Ralph Weber <roweber@IEEE.org> 
Sent by: owner-t10@t10.org
09/12/2007 07:25 PM
To
"'t10@t10.org'" <t10@t10.org>
cc
Subject
256-bit vs 512-bit strength security
* From the T10 Reflector (t10@t10.org), posted by:
* Ralph Weber <roweber@ieee.org>
*
Reminder:
On Wednesday afternoon in Vancouver, you will be asked
to vote your company's position on a choice between
mandating 256-bit strength security or 512-bit strength
security in SPC-4.
If you do not yet know your company's position,
now would be a good time to start asking some
embarrassing questions.
All the best,
.Ralph
*
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo@t10.org