Y
Hacker News
new
|
ask
|
show
|
jobs
by
tptacek
4425 days ago
The trivial malleability of CTR is apparently why NIST rejected it, but it's important to remember that most unauthenticated block cipher modes are malleable, including XTS.