Commit 13ebd369 authored by akwizgran

The KDF was using CTR mode unsafely.

The data to be encrypted should go in the IV, with a blank
plaintext, so that the ciphertext is equal to the keystream.

Putting the data in the plaintext would have led to different keys
derived from the same source consisting of the same keystream XORed
with different guessable plaintexts. That would have been bad.
parent a144884e
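
The difference the commit message describes, shown as an added Go example that is not the project's code: with the label in the plaintext under a fixed IV, anyone holding one derived key can compute its siblings, while with the label in the IV and a blank plaintext they cannot. The labels `ENC` and `MAC`, the all-zero fixed IV, the constructed 16-byte secret and every function name are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// ctr runs AES-CTR over data using the given 16-byte IV as the initial counter.
func ctr(secret, iv, data []byte) []byte {
	block, err := aes.NewCipher(secret)
	if err != nil {
		panic(err)
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out
}

// pad16 zero-pads (or truncates) a label to one AES block.
func pad16(label string) []byte {
	return append([]byte(label), make([]byte, aes.BlockSize)...)[:aes.BlockSize]
}

// unsafeDerive puts the label in the plaintext under a fixed IV: key = keystream XOR label.
func unsafeDerive(secret []byte, label string) []byte {
	return ctr(secret, make([]byte, aes.BlockSize), pad16(label))
}

// safeDerive puts the label in the IV with a blank plaintext: key = keystream for that label.
func safeDerive(secret []byte, label string) []byte {
	return ctr(secret, pad16(label), make([]byte, aes.BlockSize))
}

// recoverSibling computes known XOR knownLabel XOR targetLabel; no secret is needed.
func recoverSibling(known []byte, knownLabel, targetLabel string) []byte {
	out := pad16(targetLabel)
	for i, p := range pad16(knownLabel) {
		out[i] ^= p ^ known[i]
	}
	return out
}

func main() {
	s := bytes.Repeat([]byte{0x42}, 16) // constructed secret, not a real key
	fmt.Println("unsafe:", bytes.Equal(recoverSibling(unsafeDerive(s, "ENC"), "ENC", "MAC"), unsafeDerive(s, "MAC")))
	fmt.Println("safe:  ", bytes.Equal(recoverSibling(safeDerive(s, "ENC"), "ENC", "MAC"), safeDerive(s, "MAC")))
}
```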