I have found several articles on the Internet that make me question the security of the AES-CBC algorithm. Wouldn’t it be better to use the AES-GCM or XChaCha20 algorithm, to be sure to use a currently inviolable algorithm?
- The dangers of AES-CBC
- Bit Flipping Attack on CBC Mode
- Padding oracles and the decline of CBC-mode cipher suites
- Is AES-CBC mode not secure against chosen cipher-text attacks even if the IV is not predictable?
- Why is using a Non-Random IV with CBC Mode a vulnerability?
- AES in CBC Mode Is totally unsecure if no defense is provided for padding oracle attack, right?
- Timing vulnerabilities with CBC-mode symmetric decryption using padding
- AES-CBC bit flipping Attack