On Mon, 2 Jul 2018 05:03, pgut001@cs.auckland.ac.nz said:

> security. It's just a personal preference, but I'd add a somewhat stronger
> warning to the text in 5.16 for per-chunk unique/random IVs and the
> consequences of not using them when some AEAD modes are used.
What about this:
    A new random initialization vector MUST be used for each message.
    Failure to do so for each message will lead to a catastrophic failure
    depending on the used AEAD mode.
Or propose a different text.
Salam-Shalom,
Werner
--
# Please read: Daniel Ellsberg - The Doomsday Machine #
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
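The "catastrophic failure" in the proposed text is easy to show concretely. The program below is an added illustration, not code from the thread, the OpenPGP draft or any implementation discussed on the list; it uses AES-GCM from the Go standard library as a stand-in for "some AEAD modes", and the key, nonce and messages are constructed demo values. NonceReuseLeaksPlaintextXOR seals two messages under one key and one nonce and checks that the XOR of the two ciphertext bodies equals the XOR of the two plaintexts, which is exactly the keystream reuse the warning is about: the tags still verify, but confidentiality of both messages is gone. SealFresh and OpenFresh are the rule applied in code: a fresh random nonce per message, carried in front of the ciphertext.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

// newGCM wraps a 16-, 24- or 32-byte AES key in an AES-GCM AEAD.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// xorBytes returns a XOR b over the shorter of the two lengths.
func xorBytes(a, b []byte) []byte {
	n := len(a)
	if len(b) < n {
		n = len(b)
	}
	out := make([]byte, n)
	for i := 0; i < n; i++ {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// NonceReuseLeaksPlaintextXOR demonstrates the failure the proposed text warns
// about: sealing two messages under the same key and nonce gives ciphertexts
// whose XOR equals the XOR of the plaintexts, because GCM's CTR keystream is a
// function of (key, nonce) only. Both tags are still valid; confidentiality of
// both messages is nevertheless lost.
func NonceReuseLeaksPlaintextXOR(key, nonce, m1, m2 []byte) (bool, error) {
	aead, err := newGCM(key)
	if err != nil {
		return false, err
	}
	c1 := aead.Seal(nil, nonce, m1, nil)
	c2 := aead.Seal(nil, nonce, m2, nil)
	// Strip the trailing authentication tags; only the body is keystream-masked.
	c1 = c1[:len(c1)-aead.Overhead()]
	c2 = c2[:len(c2)-aead.Overhead()]
	return bytes.Equal(xorBytes(c1, c2), xorBytes(m1, m2)), nil
}

// SealFresh is the MUST applied in code: draw a new random nonce for every
// message from the system CSPRNG and prepend it to the ciphertext.
func SealFresh(key, msg []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, msg, nil), nil
}

// OpenFresh splits off the nonce written by SealFresh and decrypts; a
// truncated or tampered blob is rejected.
func OpenFresh(key, blob []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(blob) < aead.NonceSize()+aead.Overhead() {
		return nil, errors.New("ciphertext too short")
	}
	nonce, ct := blob[:aead.NonceSize()], blob[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil)
}

// FreshNoncesDiffer confirms that two SealFresh calls on the same message do
// not share a nonce (cipher.NewGCM uses 12-byte nonces) and so no keystream.
func FreshNoncesDiffer(key, msg []byte) (bool, error) {
	b1, err := SealFresh(key, msg)
	if err != nil {
		return false, err
	}
	b2, err := SealFresh(key, msg)
	if err != nil {
		return false, err
	}
	return !bytes.Equal(b1[:12], b2[:12]), nil
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed demo key
	nonce := []byte("constructed!")      // constructed 12-byte nonce, reused below
	m1 := []byte("message number one")   // constructed sample plaintexts
	m2 := []byte("message number two")
	leaks, err := NonceReuseLeaksPlaintextXOR(key, nonce, m1, m2)
	fmt.Println("reused nonce leaks m1 XOR m2:", leaks, err)
	differ, err := FreshNoncesDiffer(key, m1)
	fmt.Println("fresh nonces differ:", differ, err)
	blob, _ := SealFresh(key, m1)
	pt, err := OpenFresh(key, blob)
	fmt.Printf("round trip: %q %v\n", pt, err)
}
```

Random 96-bit nonces are fine for message counts far below the birthday bound; an implementation that encrypts very many messages under one key should count nonces or rotate keys, which is the per-chunk uniqueness the 5.16 text needs to make explicit.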
_______________________________________________
openpgp mailing list
openpgp@ietf.org
https://www.ietf.org/mailman/listinfo/openpgp