[Cryptography] Crypto best practices

James A. Donald jamesd at echeque.com
Tue Mar 21 23:28:16 EDT 2017


On 2017-03-21 19:30, Kristian Gjøsteen wrote:
> Note that misuse-resistant means that in the event of IV reuse,
> all you reveal is whether two plaintexts are equal.

I think the solution here is that when your algorithm says "never reuse 
an IV", you never reuse an IV.

"Misuse resistant" is just too hard, and too complicated, which 
increases the likelihood of misuse.


Every encrypted message needs a secret key, a unique IV at the 
beginning, and an integrity check at the end.


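The message layout described above (secret key, unique nonce first, tag last), as an added example that is not part of the original post or the thread: Go's standard-library AES-GCM is used as the AEAD, Seal draws a fresh 12-byte nonce from crypto/rand on every call so the caller never picks one, Open verifies the tag before releasing any plaintext, and NonceReuseLeaks demonstrates the failure mode the quoted message is about by deliberately reusing a nonce and checking that the two ciphertexts XOR to the two plaintexts. The function names, the 32-byte constant test key and the sample strings are assumptions chosen for the example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// newAEAD wraps a 16-, 24- or 32-byte AES key in AES-GCM.
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal produces nonce || ciphertext || tag. The nonce is drawn from
// crypto/rand for every call; callers cannot supply one, which removes the
// most common path to reuse.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// aead.Seal appends the ciphertext and the 16-byte tag after the nonce.
	return aead.Seal(nonce, nonce, plaintext, aad), nil
}

// Open checks the tag before returning any plaintext; a modified nonce,
// ciphertext, tag or aad yields an error and no partial output.
func Open(key, msg, aad []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	if len(msg) < aead.NonceSize()+aead.Overhead() {
		return nil, errors.New("message too short to hold nonce and tag")
	}
	nonce, ct := msg[:aead.NonceSize()], msg[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, aad)
}

// sealWithNonce is the misuse the thread warns about: a caller-chosen nonce.
// It exists only so NonceReuseLeaks can show the consequence.
func sealWithNonce(key, nonce, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	return aead.Seal(nil, nonce, plaintext, nil), nil
}

// NonceReuseLeaks encrypts p1 and p2 under the same key and nonce and
// reports whether XORing the two ciphertexts recovers p1 XOR p2. With GCM
// (counter mode underneath) it always does: the keystream depends only on
// key and nonce, so an equal nonce cancels it out of the XOR.
func NonceReuseLeaks(key, nonce, p1, p2 []byte) (bool, error) {
	c1, err := sealWithNonce(key, nonce, p1)
	if err != nil {
		return false, err
	}
	c2, err := sealWithNonce(key, nonce, p2)
	if err != nil {
		return false, err
	}
	n := len(p1)
	if len(p2) < n {
		n = len(p2)
	}
	for i := 0; i < n; i++ {
		if c1[i]^c2[i] != p1[i]^p2[i] {
			return false, nil
		}
	}
	return true, nil
}

// TamperDetected flips the first ciphertext byte of a sealed message
// (just past the 12-byte nonce) and reports whether Open rejects it.
func TamperDetected(key, plaintext []byte) (bool, error) {
	msg, err := Seal(key, plaintext, nil)
	if err != nil {
		return false, err
	}
	msg[12] ^= 0x01
	_, err = Open(key, msg, nil)
	return err != nil, nil
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed test key, not for real use
	msg, _ := Seal(key, []byte("attack at dawn"), []byte("hdr"))
	pt, err := Open(key, msg, []byte("hdr"))
	fmt.Printf("roundtrip: %q err=%v\n", pt, err)
	leak, _ := NonceReuseLeaks(key, make([]byte, 12), []byte("attack at dawn"), []byte("retreat at dusk"))
	fmt.Println("nonce reuse leaks p1 XOR p2:", leak)
}
```

Open deliberately does nothing clever on failure: no partial plaintext, no distinguishing between a bad tag and bad aad, which is the behaviour you want from the "integrity check at the end". The all-zero nonce in NonceReuseLeaks is not special; any nonce repeated under the same key gives the same result.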
More information about the cryptography mailing list