rfc:mcrypt-viking-funeral

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revisionBoth sides next revision
rfc:mcrypt-viking-funeral [2016/03/16 17:27] sarciszewskirfc:mcrypt-viking-funeral [2016/03/16 17:28] sarciszewski
Line 72: Line 72:
   * It's using MCRYPT_RAND for IV generation, which isn't a CSPRNG   * It's using MCRYPT_RAND for IV generation, which isn't a CSPRNG
   * fnEncrypt() will rtrim() null bytes off the encrypted value before base64 encoding it, which means a 1/256 chance of data corruption that prevents decryption   * fnEncrypt() will rtrim() null bytes off the encrypted value before base64 encoding it, which means a 1/256 chance of data corruption that prevents decryption
-  * fnDecrypt() will rtrim() null bytes off the decrypted plaintext, which means if your plaintext message was raw binary (e.g. gzip compressed), it's now irrecoverable+  * fnDecrypt() will rtrim() null bytes off the decrypted plaintext, which means if your plaintext message was raw binary (e.g. gzip compressed), it's now corrupted
   * There is no MAC, so you transmit this over a network, [[https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken|it's vulnerable to chosen-ciphertext attacks]]   * There is no MAC, so you transmit this over a network, [[https://tonyarcieri.com/all-the-crypto-code-youve-ever-written-is-probably-broken|it's vulnerable to chosen-ciphertext attacks]]
  
rfc/mcrypt-viking-funeral.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1

Page Tools