cookiengineer 4 hours ago

> XChaCha20-Poly1305 replaced with AES-256-GCM

What could possibly go wrong? It's not like every CTF ever designed has a block cipher or counter mode challenge. /s

If the project wasn't done by WolfSSL, I would have assumed it's a trolling attempt to mock FIPS requirements. But it's not, and that's the problem.

arter45 3 hours ago

Are you talking about side channel attacks? Because AFAIK nonce reuse is an issue in both cases.

tptacek 3 hours ago

I don't understand the concern here?