What is best algorithm for PBE? Does 3DES still cut it? AES avail?
843810Jul 30 2004 — edited Aug 25 2004I have a nightly backup process for of all my critical data, which generates a zip archive. The final step is that I ftp this file to a remote server site. For security, I have been encrypting this zip file before sending over the wire. (If anyone is seriously interested in the precise java code that I use to encrypt it, I would be glad to post it here for code review.)
Up till now, I have been using PBEWithMD5AndTripleDES as the default algorithm.
But is 3DES good enough?
There were a couple posts on Slashdot yesterday questioning its usefullness; the parent article is
http://it.slashdot.org/article.pl?sid=04/07/29/1537233&tid=93&tid=103&tid=17
and some of the specific posts relevant to my question are
http://it.slashdot.org/comments.pl?sid=116189&threshold=1&commentsort=0&tid=93&tid=103&tid=17&mode=thread&pid=9834409#9834991
http://it.slashdot.org/comments.pl?sid=116189&cid=9835049
http://it.slashdot.org/comments.pl?sid=116189&cid=9835356
Interestingly enough, this guy recommends 3DES over AES:
http://it.slashdot.org/comments.pl?sid=116189&cid=9834466
What are the thoughts of the experts on this forum?
And if AES is really the better algorithm, is there a way to do PBE with AES? (It does not appear that Sun currently supports this, correct? And does anyone know if they have any plans to support it?)