> The request is encrypted using AES in CTR mode, with an HMAC-SHA1 using the authenticate-then-encrypt paradigm.
A mere three months later, he would publish The Cryptographic Doom Principle [2] (dated 2011-12-13).
[1]: https://github.com/moxie0/knockknock/commit/e24eb33f666fc092...
[2]: https://moxie.org/2011/12/13/the-cryptographic-doom-principl...
> The request is encrypted using AES in CTR mode, with an HMAC-SHA1 using the authenticate-then-encrypt paradigm.
A mere three months later, he would publish The Cryptographic Doom Principle [2] (dated 2011-12-13).
[1]: https://github.com/moxie0/knockknock/commit/e24eb33f666fc092...
[2]: https://moxie.org/2011/12/13/the-cryptographic-doom-principl...