bungle / lua-resty-session

Session library for OpenResty – flexible and secure
BSD 2-Clause "Simplified" License

Signing and Encryption Strategy #17

Closed bungle closed 1 year ago

bungle commented 9 years ago

Originally this library was implemented according to the Secure Cookie Protocol. This is still quite adequate, but it seems the security community has now settled on a slightly different approach. The main difference is that these days people mostly promote an approach called Encrypt-Then-MAC, or a cipher that supports a thing called AEAD, aka Authenticated Encryption using Associated Data (using different keys for signing and encryption). We may want to modify this library to support different strategies.
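The two strategies named in the comment, side by side, as an added example that is not code from lua-resty-session (which is written in Lua) but a stand-alone Go program using only the standard library. The key-derivation labels (`session-encrypt`, `session-mac`, `session-aead`), the token layouts, the master secret and the associated-data string are all constructed for the example and are not the library's format.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// deriveKey: purpose-specific sub-key from one master secret (constructed HMAC
// label scheme), so the encryption key and the MAC key are never the same bytes.
func deriveKey(master []byte, purpose string) []byte {
	m := hmac.New(sha256.New, master)
	m.Write([]byte(purpose))
	return m.Sum(nil) // 32 bytes -> AES-256
}

func macOver(macKey, nonce, aad, ct []byte) []byte { // HMAC-SHA256(nonce||aad||ct)
	m := hmac.New(sha256.New, macKey)
	m.Write(nonce)
	m.Write(aad)
	m.Write(ct)
	return m.Sum(nil)
}

// sealEtM: Encrypt-then-MAC. AES-256-CTR first, then a tag over ciphertext,
// nonce and associated data. Token layout: nonce(16) || ct || tag(32).
func sealEtM(master, aad, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(deriveKey(master, "session-encrypt"))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aes.BlockSize)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := make([]byte, len(plaintext))
	cipher.NewCTR(block, nonce).XORKeyStream(ct, plaintext)
	tag := macOver(deriveKey(master, "session-mac"), nonce, aad, ct)
	return append(append(nonce, ct...), tag...), nil
}

// openEtM checks the tag in constant time before any decryption, so a forged
// or altered token never reaches the cipher.
func openEtM(master, aad, token []byte) ([]byte, error) {
	if len(token) < aes.BlockSize+sha256.Size {
		return nil, fmt.Errorf("token too short")
	}
	nonce, ct := token[:aes.BlockSize], token[aes.BlockSize:len(token)-sha256.Size]
	tag := token[len(token)-sha256.Size:]
	if !hmac.Equal(tag, macOver(deriveKey(master, "session-mac"), nonce, aad, ct)) {
		return nil, fmt.Errorf("authentication failed")
	}
	block, err := aes.NewCipher(deriveKey(master, "session-encrypt"))
	if err != nil {
		return nil, err
	}
	pt := make([]byte, len(ct))
	cipher.NewCTR(block, nonce).XORKeyStream(pt, ct)
	return pt, nil
}

// gcmFor: the AEAD alternative. AES-256-GCM binds the associated data into its
// own tag, so one key and no separate MAC step are needed.
func gcmFor(master []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(deriveKey(master, "session-aead"))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func sealGCM(master, aad, plaintext []byte) ([]byte, error) { // nonce(12)||ct||tag(16)
	g, err := gcmFor(master)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, aad), nil
}

func openGCM(master, aad, token []byte) ([]byte, error) {
	g, err := gcmFor(master)
	if err != nil {
		return nil, err
	}
	if len(token) < g.NonceSize()+g.Overhead() {
		return nil, fmt.Errorf("token too short")
	}
	return g.Open(nil, token[:g.NonceSize()], token[g.NonceSize():], aad)
}

func main() {
	master, aad := []byte("constructed-master-secret"), []byte("sid=constructed-session-id")
	tok, _ := sealEtM(master, aad, []byte(`{"user":"alice"}`))
	tok[aes.BlockSize] ^= 0x01 // flip one ciphertext bit: openEtM must reject it
	fmt.Println(openEtM(master, aad, tok))
}
```

The contrast is the point: with Encrypt-then-MAC the caller is responsible for deriving separate keys, covering the ciphertext and the associated data with the tag, and comparing that tag in constant time before decrypting anything; the AEAD mode (GCM) folds all of that into `Seal`/`Open`, which is why it is the easier default to get right. In both cases a token whose associated data (for example the session id it was issued for) no longer matches is rejected outright.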

bungle commented 2 years ago

The GCM mode got implemented, so that should be good now. I'll change the defaults in 4.0 and also make the non-GCM mode do encrypt-then-MAC.

bungle commented 1 year ago

4.0.0 is released, closing this.