ankane / lockbox

Modern encryption for Ruby and Rails
MIT License

GCM-SIV #177

Closed jmanico closed 1 year ago

jmanico commented 1 year ago

GCM-SIV mode makes nonce management a lot easier and more secure. Any plans to support it?

https://en.wikipedia.org/wiki/AES-GCM-SIV

ankane commented 1 year ago

Hi @jmanico, maybe when it’s more widely available as part of OpenSSL in the future. Users can currently use XSalsa20 if they don’t want to worry about nonce collisions (it doesn’t provide misuse resistance, but the nonce length makes it unnecessary).

https://github.com/openssl/openssl/issues/16721
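To make the nonce-collision point in the reply concrete, here is an added example using only Ruby's standard-library OpenSSL (it is not code from lockbox or its author). It shows why a repeated AES-GCM nonce is catastrophic, and uses the standard birthday-bound approximation (an assumption, not a figure from the thread) to compare random-nonce collision odds for GCM's 96-bit nonce against XSalsa20's 192-bit nonce.

```ruby
require "openssl"
require "securerandom"

# Constructed helper: AES-256-GCM under an explicit nonce, returning ciphertext only.
def gcm_encrypt(key, nonce, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  cipher.iv = nonce      # 12-byte (96-bit) nonce, GCM's default size
  cipher.auth_data = ""
  cipher.update(plaintext) + cipher.final
end

def xor_bytes(a, b)
  a.bytes.zip(b.bytes).map { |x, y| x ^ y }.pack("C*")
end

# With the same key and nonce, GCM's CTR keystream repeats, so
# c1 XOR c2 == p1 XOR p2: an observer recovers the plaintext difference
# without the key. Returns true when that leak is observable.
# Both plaintexts are assumed to have the same length.
def nonce_reuse_leaks?(p1, p2)
  key = SecureRandom.random_bytes(32)
  nonce = SecureRandom.random_bytes(12)
  c1 = gcm_encrypt(key, nonce, p1)
  c2 = gcm_encrypt(key, nonce, p2)
  xor_bytes(c1, c2) == xor_bytes(p1, p2)
end

# Birthday-bound approximation: probability that at least one pair among n
# uniformly random nonces of `bits` bits collides, p ~= n^2 / 2^(bits + 1).
def collision_probability(n, bits)
  (n.to_f * n) / (2.0**(bits + 1))
end

if __FILE__ == $0
  puts "nonce reuse leaks plaintext XOR: #{nonce_reuse_leaks?('attack at dawn!!', 'defend at dusk!!')}"
  n = 2**32 # about four billion messages under one key
  puts "p(collision) with 96-bit random nonces:  #{collision_probability(n, 96)}"
  puts "p(collision) with 192-bit random nonces: #{collision_probability(n, 192)}"
end
```

After 2^32 messages the 96-bit case already sits at roughly 2^-33, the edge of what NIST tolerates for GCM, while the 192-bit case is around 2^-129, which is why random XSalsa20 nonces need no bookkeeping.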