
There definitely are similar pitfalls in AES, and nobody should be encrypting with "AES"; they should be using something like AES-GCM-SIV (or, to extend the analogy with the post, Chapoly, which has the virtue of only being usable in a relatively secure fashion). More cryptography has been broken by casual invocation of AES than has been broken by serious attempts to deploy custom ciphers.
