AES-256 is not necessarily the most secure cipher

Indeed, it it most vulnerable to Timing Attacks : https://en.wikipedia.org/wiki/Length_extension_attack

Also, AES 128 is secure enough for every one, so it's still the recommended cipher.
This commit is contained in:
Angristan 2016-12-04 17:21:41 +01:00 committed by GitHub
parent 56477bba34
commit 7a5bb93cbe
1 changed files with 2 additions and 2 deletions

View File

@ -221,9 +221,9 @@ else
echo "and are still viable to date, unlike some default OpenVPN options"
echo ''
echo "Choose which cipher you want to use for the data channel:"
echo " 1) AES-128-CBC (fastest, recommended)"
echo " 1) AES-128-CBC (fastest and sufficiently secure for everyone, recommended)"
echo " 2) AES-192-CBC"
echo " 3) AES-256-CBC (most secure)"
echo " 3) AES-256-CBC"
echo "Alternatives to AES, use them only if you know what you're doing."
echo "They are relatively slower but as secure as AES."
echo " 4) CAMELLIA-128-CBC"