Request to replace AES128 with AES256 and SHA256 with SHA384 or SHA512 in fernet.

[evil-user]

@kennyp @kr @hgmnz @ferd @tmaher
Due to quantum computing threats multiple cybersecurity agencies like french ANSSI recommend using AES256 for encryption and atleast SHA384 for hashing purpose. I guess just replacing the algorithms might benefit the entire cryptographic community.

[BartAgterbosch]

Agreed, while 128 bit is technically still within the recommended range of 120bit minimum, it's hanging on by a thread, some already consider it theoretically broken, and if not today, then it will be in the not so distant future.
AES128 should be phased out imo, and AES256 would be a sweet spot in most cases.
Once quantum computers will scale 128 bit will no longer cut it, 256 probably still would tho

[ferd]

Even years ago, we had ended up making a fernet-like library that instead used AES-GCM and called it hairnet. I don't think fernet itself has any active ownership anymore.