[openssl-dev] Circumstances cause CBC often to be preferred over GCM modes
mancha
mancha1 at zoho.com
Tue Dec 16 21:00:04 UTC 2014
On Tue, Dec 16, 2014 at 06:28:03PM +0100, Hanno Böck wrote:
> On Tue, 16 Dec 2014 17:17:01 +0000
> Viktor Dukhovni <openssl-users at dukhovni.org> wrote:
>
> > However, where do we fit ChaCha20/Poly-1305? Again, not
> > hand-placement, but some extensible algorithm.
>
> How about this simpler criterion:
> AEAD always beats non-AEAD. GCM and poly1305 are both AEAD. Done with
> it.
Has there been significant cryptanalysis done on ChaCha20-Poly1305? My
quick scan reveals a dearth of peer-reviewed literature.
--mancha
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://mta.opensslfoundation.net/pipermail/openssl-dev/attachments/20141216/98d0eac4/attachment.sig>
More information about the openssl-dev
mailing list