doc: remove faulty justification for 128-bit AES #42578

tniessen · 2022-04-02T16:36:01Z

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS.

(AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.)

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS. (AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.)

github-actions · 2022-04-03T15:23:24Z

Fast-track has been requested by @jasnell. Please 👍 to approve.

nodejs-github-bot · 2022-04-03T20:56:02Z

Landed in d83e7a0

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS. (AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.) PR-URL: nodejs#42578 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS. (AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.) PR-URL: #42578 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS. (AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.) PR-URL: nodejs#42578 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS. (AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.) PR-URL: #42578 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

This sentence implies that AES-128 is preferred over AES-256 because of a related-key attack from 2009. However, that attack by Alex Biryukov, Orr Dunkelman, Nathan Keller, Dmitry Khovratovich, and Adi Shamir, while impressive, is only effective against variants of AES-256 with a reduced number of rounds and it requires related keys. This means that the attack is not effective against AES-256 as it is used within TLS. (AES-128 is still often preferred over AES-256 simply because it is believed to be sufficiently secure and because it is faster.) PR-URL: nodejs/node#42578 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Mestery <mestery@protonmail.com> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>

nodejs-github-bot added doc Issues and PRs related to the documentations. tls Issues and PRs related to the tls subsystem. labels Apr 2, 2022

Trott approved these changes Apr 2, 2022

View reviewed changes

lpinca approved these changes Apr 2, 2022

View reviewed changes

tniessen added the security Issues and PRs related to security. label Apr 2, 2022

Mesteery approved these changes Apr 2, 2022

View reviewed changes

VoltrexKeyva approved these changes Apr 2, 2022

View reviewed changes

tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Apr 3, 2022

jasnell approved these changes Apr 3, 2022

View reviewed changes

jasnell added the fast-track PRs that do not need to wait for 48 hours to land. label Apr 3, 2022

cjihrig approved these changes Apr 3, 2022

View reviewed changes

aduh95 added the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 3, 2022

nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Apr 3, 2022

nodejs-github-bot merged commit d83e7a0 into nodejs:master Apr 3, 2022

This was referenced Apr 5, 2022

V17.8.1 proposal #42612

Closed

v17.9.0 proposal #42613

Merged

juanarbol mentioned this pull request May 31, 2022

2022-05-XX, Version 16.16.0 'Gallium' (LTS) #43268

Closed

targos mentioned this pull request Aug 3, 2022

v16.17.0 release proposal #44098

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

doc: remove faulty justification for 128-bit AES #42578

doc: remove faulty justification for 128-bit AES #42578

tniessen commented Apr 2, 2022

github-actions bot commented Apr 3, 2022

nodejs-github-bot commented Apr 3, 2022

doc: remove faulty justification for 128-bit AES #42578

doc: remove faulty justification for 128-bit AES #42578

Conversation

tniessen commented Apr 2, 2022

github-actions bot commented Apr 3, 2022

nodejs-github-bot commented Apr 3, 2022