[Ach] OpenSSH: aes192-crt
Aaron Zauner
azet at azet.org
Sun Jan 5 21:08:41 CET 2014
On 05 Jan 2014, at 20:59, Axel Hübl <axel.huebl at web.de> wrote:
> Hey there,
>
> while we reviewed the OpenSSH section in
> https://github.com/BetterCrypto/Applied-Crypto-Hardening/pull/32/files
>
> we realized the list of Ciphers could be extended by "aes192-ctr" to
>
>> Ciphers aes256-gcm at openssh.com,aes128-gcm at openssh.com,
>> aes256-ctr,aes192-ctr,aes128-ctr
> _________________________|
>
> The extension by that "intermediate" bit strength looks trivial and
> compatibility-widening at the beginning, but we were not sure if it is
> actually "save" (because the other sections in the document only use 128
> and 256).
Short side-note: I remarked in the pull request that we do not have AES-192 anywhere else in the paper and that addition should be discussed first, since we might need to add it at other places as well. In my opinion there’s nothing that suggests any security risk with AES-192. But I’d like some discussion first since it might affect other services as well.
Thanks for your contribution Alex!
Aaron
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 1091 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20140105/c3043728/attachment.sig>
More information about the Ach
mailing list