New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add AES-GCM or ChaCha20Poly1305 #8

Open

paulmillr opened this issue Oct 21, 2021 · 0 comments

Collaborator

paulmillr commented Oct 21, 2021 •

edited

Loading

aes is pretty bad. I know it's there for compatibility, but we should be also exposing GCM (+50-100 loc):

CBC Padding is easy to misuse. CTR or GCM should be preferred to it
GCM is better than CTR/CBC+HMAC (can be parallel; harder to misuse)
GCM has AAD
GCM is the only mode included in TLS v1.3. They've dropped all CTR/CBC ciphers!
If ETH non-wallet apps are using encryption, they should definitely be using GCM, not CTR/CBC

paulmillr changed the title ~~AES-GCM~~ Add AES-GCM or ChaCha20Poly1305

# for free to join this conversation on GitHub. Already have an account? # to comment