WingNews logo WingNews
top | item 41971385

(no title)

ezcrypt | 1 year ago

That's pretty much spot on. Authentication is planned (and that should handle truncation too if I'm not mistaking): https://codeberg.org/ezcrypt/ezcrypt/issues/3

discuss

order

tptacek|1 year ago

Public key signatures and ciphertext authentication are not the same thing.

ezcrypt|1 year ago

No, I realize that (I was thinking that ssh-keygen could be used as a poor-man's authentication for some use cases - basically share a secret between sender & receiver that can be used to ensure that the message has not been tampered with). One of the reasons that I haven't implemented authentication yet is that I want to better understand the differences and nuances of different methods and use cases before deciding on a method. Recommendations are welcome.