[Cryptography] Severe flaw in all generality : key or nonce reuse
bascule at gmail.com
Fri Oct 20 21:15:15 EDT 2017
On Fri, Oct 20, 2017 at 2:20 PM, Ray Dillinger <bear at sonic.net> wrote:
> How about - and this may be a radical notion here - but how about NOT A
> STREAM CIPHER?
I'll note that AES(-CMAC)-SIV and AES-PMAC-SIV both use a stream cipher for
encryption (AES-CTR), but are not susceptible to nonce reuse
vulnerabilities because they're MRAE constructions.
The reality is a bit more nuanced than "NOT A STREAM CIPHER".