diff --git a/README.md b/README.md
index 801c96c..c35a323 100755
--- a/README.md
+++ b/README.md
@@ -52,7 +52,7 @@ For more info, see [reticulum.network](https://reticulum.network/) and [the FAQ
 - Forward Secrecy is available for all communication types, both for single packets and over links
 - Reticulum uses the following format for encrypted tokens:
   - Ephemeral per-packet and link keys and derived from an ECDH key exchange on Curve25519
-  - AES-128 or AES-256 in CBC mode with PKCS7 padding
+  - AES-256 in CBC mode with PKCS7 padding
   - HMAC using SHA256 for authentication
   - IVs are generated through os.urandom()
 - Unforgeable packet delivery confirmations
@@ -328,12 +328,12 @@ intentionally compromised or weakened clone. The utilised primitives are:
   - Ephemeral keys derived from an ECDH key exchange on Curve25519
   - HMAC using SHA256 for message authentication
   - IVs must be generated through `os.urandom()` or better
-  - AES-128 or AES-256 in CBC mode with PKCS7 padding
+  - AES-256 in CBC mode with PKCS7 padding
   - No Fernet version and timestamp metadata fields
 - SHA-256
 - SHA-512
 
-In the default installation configuration, the `X25519`, `Ed25519`, `AES-128-CBC`
+In the default installation configuration, the `X25519`, `Ed25519`,
 and `AES-256-CBC` primitives are provided by [OpenSSL](https://www.openssl.org/)
 (via the [PyCA/cryptography](https://github.com/pyca/cryptography) package).
 The hashing functions `SHA-256` and `SHA-512` are provided by the standard