Skip to main content

🎊 We are starting #2024 off right! 🎉

With the latest update all Tuta accounts are now utilizing #Argon2 and #AES256 encryption by default.🔒💪

This security improvement is the next step towards full #postquantum encryption!
👉 https://tuta.com/blog/aes-256-encryption

AES 256 Is Now Securing All Your Encrypted Tuta Emails

We have updated to AES 256 encryption by default, the next step towards full post-quantum encryption!
Tutanota
#argon2 #aes256 #postquantum
in reply to Tuta

Betelgeuse Vore
Betelgeuse Vore

That's good news! However, I do hope that you guys are not planning to rely solely on Kyber for the pq KEM. I've heard things from @djb . I think everyone would have a better peace of mind if you guys did what Mullvad have done and used two pq primitives: https://mullvad.net/en/blog/mullvads-usage-of-kyber-is-not-affected-by-kyberslash

Edited for clarity: I meant pq primitives specifically. It is assumed that you are already planning on a hybrid approach. I am suggesting using an additional pq primitive along with Kyber.

@Daniel J. Bernstein
This entry was edited (4 months ago)
in reply to Betelgeuse Vore

Orca🌻 | 🏴🏳️‍⚧️
Orca🌻 | 🏴🏳️‍⚧️
Basically anyone using pqcrypto now and is not out of their mind would always implement it in hybrid, meaning one would have to break both post-quantum cryptography primitive and classic cryptography primitive for decryption to work.
And I don't think @Tutanota@mastodon.social is anywhere near insane :)
@Tuta
in reply to Tuta

Betelgeuse Vore
Betelgeuse Vore

Are you planning on doing what Mullvad did and use two pq KEMs in the hybrid protocol?

Quote:
> We use two quantum-secure key encapsulation mechanisms (Kyber and Classic McEliece) and mix the secrets from both.

This entry was edited (4 months ago)