paragonie-scott
commented
7 years ago Don't use CFB or OFB. Use CTR then HMAC-SHA256 instead.
See also: https://paragonie.com/blog/2016/05/defuse-security-s-php-encryption-library-version-2-0-0-released
Open archwisp opened 10 years ago
paragonie-scott
commented
7 years ago Don't use CFB or OFB. Use CTR then HMAC-SHA256 instead.
See also: https://paragonie.com/blog/2016/05/defuse-security-s-php-encryption-library-version-2-0-0-released
archwisp
commented
7 years ago I purposefully did not use CTR. Do you have a good rationale for that choice?
When keystream blocks are reused with CFB, bad things can happen. OFB may provide better resistance.