From owner-freebsd-security@FreeBSD.ORG Sun Sep 25 21:17:29 2011 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 20B681065678 for ; Sun, 25 Sep 2011 21:17:29 +0000 (UTC) (envelope-from rsimmons0@gmail.com) Received: from mail-gy0-f182.google.com (mail-gy0-f182.google.com [209.85.160.182]) by mx1.freebsd.org (Postfix) with ESMTP id A20AF8FC0C for ; Sun, 25 Sep 2011 21:17:28 +0000 (UTC) Received: by gyf2 with SMTP id 2so4746553gyf.13 for ; Sun, 25 Sep 2011 14:17:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; bh=688UaVY6pQo0+XMa29AP0Xwzr7urh/8+6bOoaL8U7LQ=; b=WfVF36L2F299nkmNoakYjBNqiuqzhrImXdno4E1PACPmLUrTXPM0znd7byrDMqzYPN HC2ED9Bnfi0kKaW3NLQWWiOgebrWLMNe84XM8GLP6TpnMGmkVQS3yVt9nMeMo/Boh1XB +RbjEPT/9WiZgzN7rLVe8/PN8VG+BC3/AsGvo= MIME-Version: 1.0 Received: by 10.101.170.20 with SMTP id x20mr5158869ano.115.1316985447914; Sun, 25 Sep 2011 14:17:27 -0700 (PDT) Received: by 10.100.191.14 with HTTP; Sun, 25 Sep 2011 14:17:27 -0700 (PDT) Date: Sun, 25 Sep 2011 17:17:27 -0400 Message-ID: From: Robert Simmons To: freebsd-security@freebsd.org Content-Type: text/plain; charset=ISO-8859-1 Subject: Which AES to use? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 25 Sep 2011 21:17:29 -0000 I've been reading on Bruce Schneier's blog about key diffusion and the key schedule in AES 256 being poor. Including this, for use in a geli encrypted provider, what are the pros and cons of selecting AES 128, 192, or 256?