[openssl-dev] Enabling AES-192 ciphers, how to expose DHE-RSA-AES192-GCM-SHA384
Leonard den Ottolander
leonard-lists at den.ottolander.nl
Mon Jan 9 20:25:45 UTC 2017
Hello Rich,
On Mon, 2017-01-09 at 19:52 +0000, Salz, Rich wrote:
> AES 192 has been discussed at various times in the IETF mailing lists
> (see CFRG and TLS for most likely places). Here's one posting:
> https://www.ietf.org/mail-archive/web/cfrg/current/msg04820.html
>
> My short summary is that if 128 isn't good enough for you, use 256.
> 192 is a midpoint that only makes things more complicated by adding
> more options (and potentially increases the size of the clienthello
> message, which has had deployment problems with some platforms).
Doesn't the fact that AES-192 seems to be more resistant against related
key attacks than AES-256 "in a world of 2^50 keys" count as an argument
for inclusion?
A related question, is the fact that AES-192 is more resistant to
related key attacks caused by the fact that it uses a key size that is
not an exponent of 2?
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the openssl-dev
mailing list