[ThomasWaldmann]

About "Borg’s crypto has known limitations":

We've just merged new crypto code into master, based on AEAD ciphers (AES-OCB and chacha20-poly1305) and session keys - so the potential nonce management issues are soon a thing of the past.

There's current work adding argon2id as default for the KDF (was: pbkdf2), likely soon to be merged.

Also checking blake3 for the ID hash (MAC) right now (but platform / build compatibility has yet to be seen).

[beermonster]

Is there anything that must be done to take advantage of these new AEAD ciphers on an existing repo/archive ? Or is it all under the hood and transparent to the end user?

[ThomasWaldmann]

It is still early in the development process, but it might be just for new repos.

[aborsy]

Very welcoming improvements, especially the introduction of the standard AEADs from a standard source.

I look forward to these crypto features!

Will error correction coding be on roadmap at some point?

[ThomasWaldmann]

There's this ticket: https://github.com/borgbackup/borg/issues/225

I don't see anything of that in the near future of borg, esp. as long as the fundamental concerns there have not been addressed.