Skip to main content

🎊 We are starting #2024 off right! πŸŽ‰

With the latest update all Tuta accounts are now utilizing #Argon2 and #AES256 encryption by default.πŸ”’πŸ’ͺ

This security improvement is the next step towards full #postquantum encryption!
πŸ‘‰ tuta.com/blog/aes-256-encrypti…

All Tuta accounts are now using AES256 and Argon2 by default!

AES 256 Is Now Securing All Your Encrypted Tuta Emails

We have updated to AES 256 encryption by default, the next step towards full post-quantum encryption!
Tutanota
#argon2 #aes256 #postquantum
in reply to Tuta

Betelgeuse Vore
Betelgeuse Vore

That's good news! However, I do hope that you guys are not planning to rely solely on Kyber for the pq KEM. I've heard things from @djb . I think everyone would have a better peace of mind if you guys did what Mullvad have done and used two pq primitives: mullvad.net/en/blog/mullvads-u…

Edited for clarity: I meant pq primitives specifically. It is assumed that you are already planning on a hybrid approach. I am suggesting using an additional pq primitive along with Kyber.

@Daniel J. Bernstein
This entry was edited (10 months ago)
in reply to Betelgeuse Vore

Orca 🌻 | πŸŽ€ | πŸͺ | πŸ΄πŸ³οΈβ€βš§οΈ
Orca 🌻 | πŸŽ€ | πŸͺ | πŸ΄πŸ³οΈβ€βš§οΈ
Basically anyone using pqcrypto now and is not out of their mind would always implement it in hybrid, meaning one would have to break both post-quantum cryptography primitive and classic cryptography primitive for decryption to work.
And I don't think @Tutanota@mastodon.social is anywhere near insane :)
@Tuta
in reply to Tuta

Betelgeuse Vore
Betelgeuse Vore

Are you planning on doing what Mullvad did and use two pq KEMs in the hybrid protocol?

Quote:
> We use two quantum-secure key encapsulation mechanisms (Kyber and Classic McEliece) and mix the secrets from both.

This entry was edited (10 months ago)
⇧