The cr.yp.to microblog: 2013.11.22 03:16:19

2013.11.22 03:16:19 (403708492193607680) from Daniel J. Bernstein, replying to "Solar Designer (@solardiz)" (403619386202013696):

Chromium should fix the code, but is there actually a security issue? Doesn't the protocol limit stream size to packet size? @solardiz

Context

2013.11.21 21:22:15 (403619386202013696) from "Solar Designer (@solardiz)":

Authors have dropped a 0-day on page 9. ;-) Vector implementation of ChaCha20 in NSS/OpenSSL in Chromium will reuse keystream after 256 GB.