You are viewing bramcohen

Fri, May. 20th, 2011, 11:32 am
shinigami31

The CTR nonce MUST be random. It cannot be the same value, or zero as you have suggested. Doing so leads to chosen-plaintext attacks.

Authentication should be done after encryption because this is the way that can be proved to work for any encryption and authentication schemes.

No HTML allowed in subject

  
 
   
 

Notice! This user has turned on the option that logs IP addresses of anonymous posters. 

(will be screened)