On Tue, 10 Sep 2013 12:35, p...@spth.de said: > I wonder if it would be a good idea to have an option to combine > symmetric ciphers, e.g. users could state a preference list like this:
Which requires more entropy for the two keys and thus creating an incentive to use a faster and more insure RNG. Although this complicates the code a lot and thus creates more opportunities for exploits. To rephrase Brooks: Adding too many bits to an already suitable key makes the security worse. You would also need a second public keypair to protect the second symmetric key. If you don't, the attacker would target the public key scheme directly - ah well that is in any case the lower hanging fruit. Again: Nobody is breaking an algorithm (public or symmetric) - they are going for the code and then maybe for the RNG. That whole debate about key lengths is missing the point. As Robert pointed out, we can't make any long term estimation on the progress on cipher breaking and new cipher systems. Also: Consider what damage may happen if information leaks in 10 minutes, 10 weeks, or 10 years. If you are concerned about 10 years, you may better not use a networked computer in the first place. Salam-Shalom, Werner -- Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
