New cryptographic “right answers”. Was going to be a tweet storm but I don’t want to lose more friends.https://gist.github.com/tqbf/be58d2d39690c3b366ad …
@tqbf +1; but if you're writing .net or Java; you can barely use AES-GCM. If you need portability, AES-CTR + HMAC is best avail. Sucks :(
-
-
@colmmacc AES-CTR+HMAC is even less safe than GCM. -
- 9 more replies
New conversation -
-
-
@colmmacc You may even be better off with pure-software key-dep mult GCM than with CTR+HMAC. -
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.