doc: change AES-GCM IV recommendation in WebCrypto (!42611) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/tniessen/doc-webcrypto-aes-gcm-iv-requirements into master Apr 05, 2022

Properly constructing IVs is one of the most important factors when using AES-GCM. Contrary to what the documentation says, random values are not ideal, however, sufficiently long random byte sequences are acceptable when the application cannot deterministically construct unique IVs.

Instead of referring to "the AES-GCM specification", explicitly refer to Section 8 of NIST SP 800-38D.

Admin message

Admin message

doc: change AES-GCM IV recommendation in WebCrypto

Merge request reports