There’s been this whole hullabaloo and a lot of fear mongering given the recent Snowden leaks. In light of this we are re-looking at our data encryption algorithm to see if it would be worthwhile to change this.
We have narrowed it down to the following:
- Blowfish 128 bit
This is what we are using currently. Blowfish is fast but seen by experts as a weaker algorithm than AES though this is debatable. One of the perceived benefits is that Blowfish is not used by the NSA, however this is purely an association issue. The cipher is still deemed to be secure.
- AES 128 bit
On modern systems (newer than Pentium 4) this runs faster than Blowfish and may be more secure than Blowfish. It is generally seen as secure up to the year 2030. Some experts claim it’s more secure than 256 bit AES. It is also widely used and has greatest compatibility.
- AES 192 bit
In many cases, still faster than Blowfish 128 bit. Gives a little bit more headroom for bruteforcing. However employs a weaker key schedule than AES 128 bit so may NOT be necessarily more secure (weakness is still theoretical and debatable). This is debatable still but generally is seen as more secure than 128 bit since a higher bit means more protection from brute-forcing (though even 128 bit offers crazy crazy protection against brute forcing).
- AES 256 bit
Generally seen as highest level security, and used for top secret communications by the US government. However also employs a weaker key schedule than AES 128 (weakness is theoretical and debatable still). Tends to be the slowest of all the ciphers evaluated. Theoretically provides protection against quantum computing (which doesn’t quite exist just yet).
In general, our opinion is that the reason why people are moving to 256 bit AES is mostly marketing in that they can claim they are using maximum top secret grade encryption and the frequent misguided approach of ‘higher is better’. Some experts actually view 128 bit AES as more secure than 256 bit.
Our personal take is that 128 bit or 192 bit AES is more than enough without affecting performance too much. We have yet to see how well supported is 192 bit AES in certain systems though.
Here are some relevant sources for you to read to help you evaluate:
Guess why we’re moving to 256-bit AES keys
Cryptographic Key Length Recommendation
Another New AES Atttack