The cr.yp.to microblog: 2016.02.02 20:26:41

2016.02.02 20:26:41 (694602859187474433) from Daniel J. Bernstein:

AES-128 weakness: see, e.g., https://blog.cr.yp.to/20151120-batchattacks.html. Chrome doesn't support AES-256-GCM (https://www.ssllabs.com/ssltest/viewClient.html?name=Chrome&version=47&platform=OS%20X) but maybe gets CBC right.