This repository has been archived by the owner on Aug 1, 2023. It is now read-only.
Remove aes256 dependency?
#96
Comments
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Symmetric encryption is used in generic invites using
aes256.aes256encryption uses CTR mode, while the blockstack encryption is using CBC mode inencryptECIS. Does it make sense to have two different encryption methods? For maintenance reasons, it would be better to just have one.The security of both modes are for example discussed in https://security.stackexchange.com/questions/27776/block-chaining-modes-to-avoid/27780#27780
The text was updated successfully, but these errors were encountered: