1. 12

  2. 2

    Funnily enough, he screwed up his own crypto.

    1. 1

      DON’T: Use modes which provide both encryption and authentication

      heh. These days, AEAD is recommended all the time.

      1. 4

        As I recall, Colin’s reasoning is that the integrated MACs have more spectacular failure modes than HMAC. He’s not wrong. Done correctly, they’re fine, but they’re more brittle in the event of mistakes.