John Kelsey <[EMAIL PROTECTED]> writes:
> Probably not too much, in terms of worrying about
> known-plaintext vs. chosen-plaintext attacks. Though
> honestly, I think designing your PES is like providing
> really effective padlocks for screen doors. (But you could
> say the same thing about AES with 256-bit keys.)
I agree on both counts. But I can see another use for larger keys
than resisting brute force attack: they increase the difficulty of
attacks on protocols and constructions based on inducing collisions in
keys.
--
__
\/ o\ [EMAIL PROTECTED]
/\__/ http://www.cluefactory.org.uk/paul/
