
Why not AES256



This is just the mandatory suite, clients can use AES256 if supported. Read the linked RFC for the initial registry of MLS cipher suites.


Because it's slower with no security benefit.


Not in the face of quantum computing. CISA expects cryptographically relevant quantum computers to become a risk within 5 years and is urging all security developers to transition to PQC ciphers as soon as possible.


The current thinking is that 128-bit AES is not really threatened by Grover's algorithm:

* https://words.filippo.io/dispatches/post-quantum-age/#128-bi...

>CISA expects cryptographically relevant quantum computers to become a risk within 5 years...

That seems incredibly unlikely right now...


Five years from now society will be in a full-blown panic about the uninhabitability of our planet. A quantum computer capable of breaking AES-128 will never be built.


> Five years from now society will be in a full-blown panic about the uninhabitability of our planet.

I don't disagree even 1%. Still, I don't think it hurts to plan for this. Broken encryption and hacked electrical grids are even more dangerous when there's a climate catastrophe ongoing.

>A quantum computer capable of breaking AES-128 will never be built.

My company has monthly meetings with the FBI and CISA. They are increasingly placing pressure to move to PQC. They're tight-lipped, but they seem to know something we don't and I have the impression the danger is imminent.

Look up companies trying to hire quantum computer science researchers; it's nearly impossible because the federal government is writing blank checks and taking all of them.


Sounds like someone at the FBI or CISA might want to give their friends at the NSA a heads-up then.

https://csrc.nist.gov/Projects/post-quantum-cryptography/faq...

> Taking these mitigating factors into account, it is quite likely that Grover’s algorithm will provide little or no advantage in attacking AES, and AES 128 will remain secure for decades to come.



