next AE cipher COLM?

Tobias Mueller muelli at cryptobitch.de
Fri May 18 16:36:58 CEST 2018

Previous message (by thread): next AE cipher COLM?
Next message (by thread): next AE cipher COLM?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Fri, 2018-05-18 at 10:12 +0200, Werner Koch wrote:
> OCB is a clean and simple design which does not leak the plaintest on
> accidental IV reuse.
> 
It may not leak the actual plaintext right away but it degenerates to
ECB which some people consider to be equally bad.

Cheers,
  Tobi

Previous message (by thread): next AE cipher COLM?
Next message (by thread): next AE cipher COLM?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gnupg-devel mailing list