Consensus seems to be that XChaCha20 is the preferred
algorithm because AES is vulnerable to timing attacks unless
done in hardware + AES-GCM has a foot gun in it’s
- ChaCha20 is what is used for Wireguard3 instead of AES because it’s more efficient on mobile/low-power devices[^chcha-efficient]
This page is part of my digital garden.
This page might be unfinished or have typos. These pages are meant as part of a public living notebook to be edited over time. For more, visit the page explaining the concept of a digitial garden.