-
-
Replying to @matthew_d_green
@matthew_d_green@tqbf@dchest@marshray updated the diagram w\ MACing the nonce. Still unclear on the specifics: https://gist.github.com/tarcieri/5351974 …1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green@tqbf@dchest Even with perfect nonces, using AES-128 expect a keystream collision after just 2^64 encryptions.1 reply 0 retweets 0 likes -
Replying to @marshray
@marshray@matthew_d_green@tqbf@dchest but I'd be using a separate key each time the nonce is changed1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green@tqbf@dchest doesn't matter if the plaintext block counter always starts at 0 and AES key input is only 128 bits.3 replies 0 retweets 0 likes -
Replying to @marshray
@bascule@matthew_d_green@tqbf@dchest NIST provides very specific instructions for implementing CTR mode. Follow them! :-)1 reply 0 retweets 0 likes -
Replying to @marshray
@marshray@matthew_d_green@tqbf@dchest I'm not implementing CTR mode!1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@matthew_d_green@tqbf@dchest What does "Encrypt-then-MAC with AES-CTR" mean then?1 reply 0 retweets 0 likes -
Replying to @marshray
@marshray@matthew_d_green@tqbf@dchest could use a bit more mathematical prose, I admit ;) Will attempt to clean that up1 reply 0 retweets 0 likes -
Replying to @bascule
@bascule@hashbreaker@agl__ NaCl seems to be not following NIST AES-CTR: https://github.com/CaffeinatedMind/NaCl/blob/master/crypto_stream/aes128ctr/portable/api.h#L2 …#define CRYPTO_NONCEBYTES 161 reply 0 retweets 0 likes
@marshray @hashbreaker @agl__ fun!
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.