[rentnorove]

Any thoughts on the final line of this refers to?

AUTHENTICATED CRYPTOGRAPHY PATENT NO.: 7,827,408

Message encryption and authentication are typically performed separately. In other words, a message is encrypted using one method and then a cryptographic hash of the message is generated using a second method. This invention is a device for and method of encrypting and authenticating a message and authenticating any additional information. The present invention provides a cryptographically stronger authentication method and is more efficient to implement, than the prior art.

VALUE: Provides combined authenticated encryption in efficient manner. Does not require random numbers, two encryption keys, or checksums.

[lern_too_spel]

Patents are public record. You can see yourself what it refers to. http://www.google.com/patents/US7827408

[brudgers]

Two processes offer twice as many attack surfaces as one process...not considering interprocess communication as a surface in its own right.

A real good use case would be if you knew one of the two current processes was or was likely to become comprised.

[shitlord]

Historically, the agency has preferred to throw hardware at the problem. They like to design ciphers that are optimized for cheap and fast hardware implementations (like Simon). And even today, they still design/build a lot of hardware encryptors. It's likely that they are using separate pieces of hardware to accomplish each task: one for message authentication, one for encryption, and one for decryption.