On Sat, Jan 28, 2006, Chris Clark wrote: > > I was hoping for a simpler solution, so rather then letting users > choose the exact cipher suite names they could simply choose between > AES, 3DES, DES, RC4, and they could also choose if they want MEDIUM > (128 bit) encryption, or HIGH (greater then 128 bit) encryption. > > This method works great for everything except AES, which incorrectly > groups all the 128 bit ciphers as being HIGH instead of MEDIUM. > > Is it a known bug, or are the docs outdated? >
The docs are a bit outdated and the designation is always going to be a bit subjective. For example triple DES although it uses 168 bits due to the meet in the middle attack is only effectively 112 bits. Also there are grounds for classifying AES in general as "stronger" (for some value of stronger) due its 128 bit block length compared to the other block ciphers which have a 64 bit block length. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
