[Cryptech Tech] Use case for AES-192?

Joachim Strömbergson joachim at secworks.se
Mon Jul 21 20:35:57 UTC 2014


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Aloha!

The recent discussion on ietf-cfrg maillist regarding the key strengths
for asymmetric vs symmetric algorithms (and requirements in Suite B) [1]
got me thinking.

Are there any of our primary use cases that would require AES-192? Or
would AES-128 and AES-256 suffice? (Say yes, please. ;-)

There isn't that big additional complexity to support AES-192, but there
is some and needs to be tested. I would prefer only having 128 and 256 keys.


[1] This discussion highlighted the fact that AES often is used with 256
bit keys, but asymmetric primitives (EC) use 384 bit key lengths, or 192
equivalent strength. The reason for this seemed to be that Suite B
called for 192 bit strength, but no AES implementation implemented 192
bits, only 128 and 256. Thus 256 is used.

- -- 
Med vänlig hälsning, Yours

Joachim Strömbergson - Alltid i harmonisk svängning.
========================================================================
 Joachim Strömbergson          Secworks AB          joachim at secworks.se
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJTzXmsAAoJEF3cfFQkIuyNn+EP/ijK3+GQQHAa5/qimIHwv9Sm
1a4VCEsGe+fL2U4Ae/aRK46oqkF58eNrj4WiQUN1UfCXZ6rL1rf2Dsenmkwr+tsS
X+AqaJVOTDDMTjb2MYSLDxuvDsbR7PUUPttFVGJprFfdCZ/lYkUEeoTbTesgLMi1
2K6GIPbjNZ9Rud4/LHtSJu7hnULw1qU938k/7AIj3L/5ARVlo6WJYMUG6sR/SEk+
pLQ3yfTDt8SUYGsKiNgIINXlt5WAwMbg/pypRuFJtkQiLN3v6KyJjrfPElRvU/Dg
ipeYuOVh50ii21x9PSAYlaBTjInGidc7m+o8ZxVc6yCKh6kzXKEjlP1A1zYqgklV
eLF29Kcymcy8ZalMA9cdbL1AfbyQz/q55rOSWFZev2T4tyB5jnrXvmZNtltCJ/Dn
EJ/L+XnxabuhG9SSSf1HfkwhjCHZJYUZumqHUn9k9qEqomJ0f5prfHIpBDvXg7pS
rMOcTVhtVnp7UXlXpLPWpyiQ/UUu7t3kAyzqCx2LsjhALGzu5wngJ3K7B+xOCyxI
eNxYoU3e8FN9oJFKmKLbctQDaSQLMnf2MlRq3JzfHFjtJLa4Be5AKbI+mDh+UMFT
FaVCnlCfJUREOTFuHrKDCIpHlMThfZD/HtXx3n+gJsMvw4Kl8EhpW1uXB6oXjVo3
SPS8reYSjkK3KR2HDlIK
=TGjA
-----END PGP SIGNATURE-----


More information about the Tech mailing list