File tree Expand file tree Collapse file tree 1 file changed +3
-4
lines changed
Expand file tree Collapse file tree 1 file changed +3
-4
lines changed Original file line number Diff line number Diff line change @@ -231,10 +231,9 @@ Format-preserving encryption algorithm (FPE-FF1) specified in NIST Special Publi
231231 - chacha and salsa20 are fine for sequential counters that _ never_ repeat: ` 01, 02... `
232232 - xchacha and xsalsa20 should be used for random nonces instead
2332333 . Prefer authenticated encryption (AEAD)
234- - chacha20poly1305 is good, chacha20 without poly1305 is bad
235- - aes-gcm is good, aes-ctr / aes-cbc is bad
236- - Flipping bits or even ciphertext substitution won't be detected in
237- unauthenticated ciphers
234+ - HMAC+ChaCha / HMAC+AES / chacha20poly1305 / aes-gcm is good
235+ - chacha20 without poly1305 or hmac / aes-ctr / aes-cbc is bad
236+ - Flipping bits or ciphertext substitution won't be detected in unauthenticated ciphers
2382374 . Don't re-use keys between different protocols
239238 - For example, using secp256k1 key in AES is bad
240239 - Use hkdf or, at least, a hash function to create sub-key instead
You can’t perform that action at this time.
0 commit comments