Three+ years and several papers later there's now RFC 8452: AES-GCM-SIV. Want to take advantage of AES-GCM hardware support but dislike AES-GCM exploding if you ever repeat a nonce? Try new AES-GCM-SIV. (Encryption runs at about 75–90% of GCM, decryption should be ~same.)
-
-
Seems useful for TLS 1.3 cookies too.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.