With all the security and privacy fears with the NSA and other 3-letter organizations, if AES is broken or found to be weak would you incorporate other encryption algorithms such as Twofish, Serpent, Blowfish, etc.?
How about doing it anyway?! Keepass and Truecrypt have those alternatives, and I always choose something other than AES, so I was just wondering what your thoughts are.
If AES is broken or found to be weak...
- barefootNH
- Posts: 12
- Joined: Mon Sep 09, 2013 7:25 pm
- Location: New Hampshire
- Contact:
- paulej
- Posts: 593
- Joined: Sun Aug 23, 2009 7:32 pm
- Location: Research Triangle Park, NC, USA
- Contact:
Re: If AES is broken or found to be weak...
Yeah, this has definitely been something I've considered. The reason AES Crypt exists is primarily for two reasons:
IMO, the better approach to security is not casting a wide net and hoping one thing works. Choose one path, make sure it's solid, but always remain open-minded that the one path might be flawed and work quickly to address such flaws.
- To satisfy my desire to have a brain-dead simple Windows encryption tool
- To have something I know will be around for a long time and work on a variety of platforms
IMO, the better approach to security is not casting a wide net and hoping one thing works. Choose one path, make sure it's solid, but always remain open-minded that the one path might be flawed and work quickly to address such flaws.