I'm surprised this is the thing you want the link for, and not "1 biased bit destroys the security of a 256 bit nonce where the other 255 bits come from secure random".
Ah! Wouldn't that be "attackers can replace an original ciphertext with two chosen blocks"?
> I'm surprised this is the thing you want the link for, and not "1 biased bit destroys the security of a 256 bit nonce where the other 255 bits come from secure random".
Ah! Wouldn't that be "attackers can replace an original ciphertext with two chosen blocks"?
> I'm surprised this is the thing you want the link for, and not "1 biased bit destroys the security of a 256 bit nonce where the other 255 bits come from secure random".
IIRC the link for that is in your hiring post!