> For example OpenSSH does a rekeying not later than 4 GiByte even for 128 > bit block length ciphers.
The 256GiB limitation (2**32 blocks of 2**6 bytes = 2**38 bytes; 2**30 is a gibibyte, 2**8 is 256, hence, 256 GiB) is so well-known that it appears multiple times in the GnuPG FAQ, even. All the 64-bit-block ciphers have notations of "don't encrypt more than about 4GiB of data". (If people are wondering why we advise 4GiB when the birthday bound is 256GiB, it's because we want a large safety margin.) _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users