aegiap/AES

## AES
AES-CBC vs AES-GCM

Until recently the only AES cipher that you were likely to encounter in the VPN world was AES-CBC (Cipher Block Chaining).
This refers to the block cipher mode, a complex subject that is not really worth going into here.

Although CBC may theoretically have some vulnerabilities, the consensus is that CBC is secure. CBC is, indeed, recommended
in the OpenVPN manual.

OpenVPN now also supports AES-GCM (Galios/Counter Mode). GCM provides authentication, removing the need for an HMAC SHA
hashing function. It is also slightly faster than CBC because it uses hardware acceleration (by threading to multiple
processor cores).

AES-CBC remains the most common mode in general use, but AES-GCM is increasing in popularity.  Given the advantages of
GCM, this trend is only likely to continue. From a cryptographic perspective, though, both AES-CBC and AES-GCM are highly
secure.
	AES-CBC vs AES-GCM

	Until recently the only AES cipher that you were likely to encounter in the VPN world was AES-CBC (Cipher Block Chaining).
	This refers to the block cipher mode, a complex subject that is not really worth going into here.

	Although CBC may theoretically have some vulnerabilities, the consensus is that CBC is secure. CBC is, indeed, recommended
	in the OpenVPN manual.

	OpenVPN now also supports AES-GCM (Galios/Counter Mode). GCM provides authentication, removing the need for an HMAC SHA
	hashing function. It is also slightly faster than CBC because it uses hardware acceleration (by threading to multiple
	processor cores).

	AES-CBC remains the most common mode in general use, but AES-GCM is increasing in popularity. Given the advantages of
	GCM, this trend is only likely to continue. From a cryptographic perspective, though, both AES-CBC and AES-GCM are highly
	secure.