Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> Given the many vulnerabilities related to the use of AES-CBC with HMAC

What are they talking about here? Are there any important ones if you MAC after encryption? The only vulnerabilities I know of are when you MAC before you encrypt.



They're talking about the TLS CBC constructions, not AES-CBC and HMAC in the abstract.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: