> For example OpenSSH does a rekeying not later than 4 GiByte even for 128
> bit block length ciphers.

The 256GiB limitation (2**32 blocks of 2**6 bytes = 2**38 bytes; 2**30 is a
gibibyte, 2**8 is 256, hence, 256 GiB) is so well-known that it appears
multiple times in the GnuPG FAQ, even.  All the 64-bit-block ciphers have
notations of "don't encrypt more than about 4GiB of data".

(If people are wondering why we advise 4GiB when the birthday bound is
256GiB, it's because we want a large safety margin.)
 


_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users

Reply via email to