New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[feature request] - Using AES-GCM instead of CBC #55

Open

Sparkenstein opened this issue Jun 15, 2024 · 1 comment

Sparkenstein commented Jun 15, 2024

I was developing some small utility, I got this warning in the browser:

AES-CBC and AES-CTR do not provide authentication by default, 
and implementing it manually can result in minor, but serious mistakes. 
We recommended using authenticated encryption like AES-GCM to protect 
against chosen-ciphertext attacks.

Which makes sense, KDBX is used for storing data alongside secrets, GCM helps in checking if data is tampered or not. Should look into it

The text was updated successfully, but these errors were encountered:

Author

Sparkenstein commented Nov 10, 2024

I am assuming the project is dead

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment