On 20/11/2014 09:45, Viktor Dukhovni wrote: > As for NSA, they originally specified AES-192 for TOP > SECRET, but this never became popular in hardware (Intel AES-NI, > ...) so the suite-B spec got changed to AES-256. > I'm not sure what you mean here. Intel's AES-NI supports AES-192 just as well as AES-128 and AES-256. (It provides the round functions, and assistance for key expansion. How much you expand your key and how many rounds you do is up to you.) There are probably hardware implementations that allow only 128 or 256, but AES-NI is not one of them.
Manuel. _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
