|
|
|
|
|
|
by kbolino
735 days ago
|
|
|
Yeah, interoperability basically dictates 96-bit nonces. I'd say GCM is hard to use correctly for any situation where you have an indefinite amount of data to encrypt and you can't do deterministic nonce generation and you can't rekey easily. |
|
|