Hacker News new | past | comments | ask | show | jobs | submit login

Poly1305 is a fundamentally different class of authenticator than HMAC-SHA256: the addition of an nonce into the function makes it unsuitable for some environments. But given Intel's new instructions, GCM is looking like a more attractive polynomial MAC these days.



Why would you take GCM over OCB (apart from patents)? Or, for that matter, OMAC/EAX?




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: