[Cryptech Tech] AES core(s) and use case?
Rob Austein
sra at hactrn.net
Fri Feb 21 21:52:18 UTC 2014
At Fri, 21 Feb 2014 21:59:18 +0100, Joachim Strömbergson wrote:
>
> I meant to say that what was said was that AES-128 is the important
> version.
I believe that's correct, but I'm mostly just repeating what Steve
Bellovin told me. If I recall the story correctly, there are some
theoretical weaknesses in the key schedule for AES-256. Not
immediately clear there are practical attacks, but, as I understand
it, because of this, there is some reason to suspect that AES-128 may
be safer than AES-256 in spite of their respective nominal strengths.
Note that I am not a cryptographer, so I'm not qualified to have an
independent opinion on this. YMMV.
More information about the Tech
mailing list