[OTR-users] What key size am I using?

Brian Morrison bdm at fenrir.org.uk
Tue Dec 17 12:38:30 EST 2013


On Tue, 17 Dec 2013 10:01:22 -0500
Matt D wrote:

> I am curious as to why we do not use AES-256 and
> larger DSA keys, given the likelihood that programs like ECHELON are
> eating up all of our data.

For a symmetric cipher such as AES, 128 bits is still a very large key
length to break using brute-force methods, so there is a fairly low
risk in using that rather than 256 bits. For DH exchange, larger key sizes
could be used provided that the extra CPU cycles required are
acceptable to the end user. For OTR usage I would not expect that to be
much of a limitation; it's done infrequently enough that any modern
processor can do it without significant slowdown in other processes
it's running.

Of course, the real question is whether the crypto protocols being used
are properly implemented and whether any key material leaks from the
implementation when in use. Or indeed if NSA or similar has weakened
the algorithms or backdoored them.

People are waking up to the reality of the situation; had we all been as
paranoid as we should have been, then this sort of level of security
would have become the default long ago.

-- 

Brian Morrison


