aboutsummaryrefslogtreecommitdiffstats
path: root/docs/hazmat/primitives/symmetric-encryption.rst
diff options
context:
space:
mode:
authorEeshan Garg <jerryguitarist@gmail.com>2015-05-20 20:35:33 +0530
committerEeshan Garg <jerryguitarist@gmail.com>2015-05-20 20:35:33 +0530
commit9475900768962207477ed7d6e84e4099157a9d3f (patch)
tree1ec40291a8bc6b322e1f73ce8bc72acc49c43b20 /docs/hazmat/primitives/symmetric-encryption.rst
parentf2646557cbe6ee7dc8c338ad60b188a8ab1978ab (diff)
downloadcryptography-9475900768962207477ed7d6e84e4099157a9d3f.tar.gz
cryptography-9475900768962207477ed7d6e84e4099157a9d3f.tar.bz2
cryptography-9475900768962207477ed7d6e84e4099157a9d3f.zip
Docs for CTR and GCM should say that IV/nonce must be unique
Diffstat (limited to 'docs/hazmat/primitives/symmetric-encryption.rst')
-rw-r--r--docs/hazmat/primitives/symmetric-encryption.rst13
1 files changed, 6 insertions, 7 deletions
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 47486895..309c6fd0 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -240,7 +240,7 @@ Modes
**This mode does not require padding.**
- :param bytes nonce: Should be :doc:`random bytes </random-numbers>`. It is
+ :param bytes nonce: Should be unique, a :term:`nonce`. It is
critical to never reuse a ``nonce`` with a given key. Any reuse of a
nonce with the same key compromises the security of every message
encrypted with that key. Must be the same number of bytes as the
@@ -305,12 +305,11 @@ Modes
**This mode does not require padding.**
- :param bytes initialization_vector: Must be :doc:`random bytes
- </random-numbers>`. They do not need to be kept secret and they can be
- included in a transmitted message. NIST `recommends a 96-bit IV
- length`_ for performance critical situations but it can be up to
- 2\ :sup:`64` - 1 bits. Do not reuse an ``initialization_vector`` with a
- given ``key``.
+ :param bytes initialization_vector: Must be unique, a :term:`nonce`.
+ They do not need to be kept secret and they can be included in a
+ transmitted message. NIST `recommends a 96-bit IV length`_ for
+ performance critical situations but it can be up to 2\ :sup:`64` - 1
+ bits. Do not reuse an ``initialization_vector`` with a given ``key``.
.. note::