@ianbfarquhar @Falkvinge modern ciphers aren’t vulnerable to known plaintext attacks
@ianbfarquhar @Falkvinge in most TLS use cases, 99.9% of the plaintext is known and we’re guarding things like session/CSRF tokens
-
-
@bascule So let me restate my position, where the key has long term value & encrypts other data, best practice is to minimize KP access. -
@ianbfarquhar and let me restate my position: encrypting known plaintext with modern ciphers is commonplace and there are no known attacks -
@bascule I concur. But I focus on the "known". Unless there is formal proof that no KP attacks will ever be found... (More) -
@ianbfarquhar you should probably be more worried about related key attacks on AES and the AES key schedule in general -
@bascule I do worry about related key attacks. Got a ref to issues with the AES key schedule concern? Not followed that.
End of conversation
New conversation -
-
-
@bascule@Falkvinge Agreed on that point. The key is of no value in that use case.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.