Today we published a security fix for http://golang.org/x/crypto/salsa20 …. If you generated more than 256 GiB of output from a single key+nonce pair, it would loop due to a counter overflow. Found by @mbmcloughlin's fuzzers.https://groups.google.com/d/msg/golang-announce/tjyNcJxb2vQ/n0NRBziSCAAJ …
-
-
Like I'd say to people: hey if you did encrypt > 256GiB, for file storage or something, then you need to go decrypt it with the old version, then re-encrypt it with the fixed version, and never use the NaCL version.
-
I agree it's unfortunate, but the confidentiality concern definitely dominates. Also, it's easy to rollback a Go dependency (if you realize that's your issue.) As for telling people, that feels too use-case specific to effectively communicate it to a wide audience.
- 1 more reply
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.