Consider lifting AES-192 to AES-256

lamps-wg / draft-composite-kem

IETF draft specifying PQC composite KEM algorithms for use in X.509 and CMS

Other

2 stars 1 forks source link

Consider lifting AES-192 to AES-256 #25

Closed danvangeest closed 2 months ago

danvangeest commented 7 months ago

In cms-kyber, we specified id-aes256-wrap for NIST level 3 / 192 bit security, even though it's stronger than necessary, because of a suggestion from Scott that AES-192 isn't as widely supported. Consider doing the same here.

johngray-dev commented 3 months ago

We will update this for IETF 120.