On Fri, Jan 01, 2016 at 02:00:07PM -0500, James Cloos wrote: > [Msg for followup picked at random from this thread -JimC] > > One thing we should remember on this thread is that it does not only > apply to aes and its' 128-bit block size. > > Because TLS chose to create a NotQuiteChaCha rather than use ChaCha, > its chacha20poly1305 also has a small data volume limit (2^40 bits; > only twice aesgcm's limit).
Huh? AFAIK, the limiting factor with Chacha20 as specced in TLS is the RSN space => 2^64 records maximum (which is 256ZB at max record size, and 352EB just to transmit the record overheads). Transferring just the 352EB at 1,000 Gbps would take about 100 years. -Ilari _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
