Why AES256 as the chosen algorithm?

Why Maidsafe is using predominantly AES 256? Why no Serpent, NIST or another algorythm?

If one day in the future AES get broken, it will a problem for Safe? It will be possible migrate to another?

Thank you.

1 Like

Check out this post and come back if you still have questions (tip: search @dirvine’s posts for AES256 / encryption etc).

2 Likes

This is a very good question. Serpent would have been better all the way around and variety in the algorithm might have provided a security benefit even if negligible.

Doesn’t Serpent have poorer performance than AES256 when it comes to speed? And also, how do we know Serpent is better than AES? I don’t trust the experts when it comes to cryptography.

Not really like performance matters when we have Moore’s law on our side. Performance just isn’t an issue. If you think it is then use hardware acceleration.

Speed performance is important if all the data chunks are encrypted. Hardware acceleration for AES is often available I think. Serpent on the other hand probably hasn’t any widespread hardware acceleration.

1 Like

This is true but Serpent is for certain a more secure algorithm than AES-256. AES 256 may be more accelerated right now but nothing stops us from making open hardware initiatives, developing chipsets, just as how ASICs were developed for Bitcoin.

In the end we will need that anyway or all of this encryption will probably be useless. You require hardware based true random number generation and as to whether or not there is a huge difference in performance between AES 256 and Serpent I honestly don’t think it would be noticeable under most circumstances even without acceleration because CPUs are so fast.

I don’t think we have a practical way of breaking AES-256 as of now, so that shouldn’t be an issue. Snowden papers revealed the NSA is still looking for ways to break it.

One NSA document shows that the agency is actively looking for ways to
break the very standard it recommends - this section is marked as “Top
Secret” (TS): "Electronic codebooks, such as the Advanced Encryption
Standard, are both widely used and difficult to attack
cryptanalytically.

1 Like

I’m aware AES-256 is secure but if people had a choice between AES-256 and Serpent then you spread your risks between two secure algorithms instead of putting all trust in a central point.

I just wanted to point that out specifically, because people could interpret it as not secure when they don’t know any better :wink:

1 Like

AES can utilize the hardware acceleration (like AES-NI) in modern CPU’s.

So for farming on less powerful and power-comsumption-friendly CPU’s like ARM it could also utilize the hardware acceleration. With Serpent you would probably run at 100% CPU all the time and might run into other problems because of it.

1 Like