Posted by Erik Auerswald on Dec 29

Hi,

That is correct.

That is wrong. CBC mode allows attacks such as “Sweet32”
(https://sweet32.info/), which is not possible with CTR mode.

Correct again, but too simple minded. Any encryption without integrity
protection does not provide confidentiality against an active attacker.
Using the wrong mode with a block cipher can render authentication
irrelevant in attacks on confidentiality.

That is sound advice. In addition, broken…