> Doesn't the fact that AES-192 seems to be more resistant against related key
> attacks than AES-256 "in a world of 2^50 keys" count as an argument for
> inclusion?
> A related question, is the fact that AES-192 is more resistant to related key
> attacks caused by the fact that it uses a key size that is not an exponent of 
> 2?

Take it up with the IETF folks; I was just summarizing why.
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to