The year of the Linux desktop isn’t as interesting anymore. It all sort of works good enough for most people not to need to care now.

What we need is the year of the Linux phone. And it think that we will have to still wait a long time for it. And no, Google/Linux does not count.

Same here. It just works and works well

I get that coding cryptography is fun. I did it in university for the relevant classes where we had been given specific exercises, test vectors, in the second one even automatic testing with thousands of test cases, and speed mattered too. For education, that’s pretty amazing, but if you do your own Crypto and put it in production you’re just asking for trouble.

This really is just an AES GCM case. And don’t understate the beauty of using a well formalized and thought out crypto primitive for actual applications. Cryptography is fucking cool.

:(

What do you mean, the XOR Algorithm?? For this case, an AES-256 GCM AEAD (Authenticated Encryption, possibly with Associated Data) seems like the perfect use case. AES GCM is usually the most secure mode.

I hope you didn’t literally use XOR, so like you have some key stream the length of your data, XOR the key stream with the data to get some output. This is what some modes do internally, like AES CBC, but for an application you should just use something from a stable crypto library.

If anything, keep to Rule Number 1: Never do your own Crypto.