by tptacek
339 days ago
FIPS-140 doesn't even speak to most cryptographic vulnerabilities; it could prevent you from using, like, the PKZip cipher rather than AES, but not (really) from having code that could be induced into reusing a GCM nonce. It is of no security value.