Open archwisp opened 10 years ago
Don't use CFB or OFB. Use CTR then HMAC-SHA256 instead.
See also: https://paragonie.com/blog/2016/05/defuse-security-s-php-encryption-library-version-2-0-0-released
I purposefully did not use CTR. Do you have a good rationale for that choice?
When keystream blocks are reused with CFB, bad things can happen. OFB may provide better resistance.