
Does anyone have experience with how this compares to https://www.manning.com/books/real-world-cryptography ? I've read Real World Cryptography and greatly enjoyed it. Flipping through this real quick, it looks like there is a good deal of overlap, though this content appears more technical and focused around sharing code snippets over higher level concepts.

Fun pop question for the audience - what protocols use AES-CFB mode? I see this mode come up every once in a while but outside of standards stating "This is how it works", what protocols and products is it useful in?




It's not useful, and you shouldn't use it. PGP uses a variant of CFB (and is dunked on regularly for it).

Modern systems all tend to use CTR-derived AEAD modes; if I wasn't doing a sealed AEAD, I'd probably do CTR+HMAC.


OpenPGP uses CFB mode. It has the very useful attribute of being self-synchronizing. If you have an encrypted file with bad sections, you can recover the data past those sections. That is the behaviour you want if you are encrypting backups, which is the sort of thing GnuPG is routinely used for.

I give an example of this vs what age does in this article:

* https://articles.59.ca/doku.php?id=pgpfan:agevspgp
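
The self-synchronizing behaviour described in the comment above, as an added example that is not part of the thread or of GnuPG's code. It implements plain full-block CFB (not OpenPGP's variant) and assumes a stand-in block function, truncated HMAC-SHA256 in place of AES, so that it runs on the standard library alone; the key, IV and plaintext are constructed.

```python
import hashlib
import hmac

BLOCK = 16                       # AES block size in bytes
KEY = bytes(range(16))           # constructed sample key
IV = bytes(16)                   # constructed sample IV
PLAINTEXT = b"".join(b"backup block %02d\n" % i for i in range(8))  # 8 blocks

def E(key, block):
    # Assumption: stand-in for AES block encryption. CFB only ever runs the
    # cipher in the forward direction, so a keyed PRF is enough to show the mode.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cfb_encrypt(key, iv, pt):
    prev, out = iv, []
    for p in blocks(pt):
        prev = xor(E(key, prev), p)      # C_i = E(C_{i-1}) XOR P_i
        out.append(prev)
    return b"".join(out)

def cfb_decrypt(key, iv, ct):
    prev, out = iv, []
    for c in blocks(ct):
        out.append(xor(E(key, prev), c)) # P_i depends only on C_{i-1} and C_i
        prev = c
    return b"".join(out)

def demo_corruption():
    # Flip one bit in ciphertext block 3; list the plaintext blocks that differ.
    ct = bytearray(cfb_encrypt(KEY, IV, PLAINTEXT))
    ct[3 * BLOCK + 5] ^= 0x01
    got, want = blocks(cfb_decrypt(KEY, IV, bytes(ct))), blocks(PLAINTEXT)
    return [i for i in range(len(want)) if got[i] != want[i]]

def demo_deletion():
    # Drop ciphertext block 3 entirely: (prefix ok, next block ok, tail resynced).
    ct = cfb_encrypt(KEY, IV, PLAINTEXT)
    ct = ct[:3 * BLOCK] + ct[4 * BLOCK:]
    got, want = blocks(cfb_decrypt(KEY, IV, ct)), blocks(PLAINTEXT)
    return got[:3] == want[:3], got[3] == want[4], got[4:] == want[5:]

if __name__ == "__main__":
    print("blocks damaged by a bit flip in block 3:", demo_corruption())
    print("after losing block 3 (prefix, next, tail):", demo_deletion())
```

CFB on its own does not report which blocks were damaged or altered; telling good output from garbled output needs a separate integrity check.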


Thanks, this is very interesting!



