-@item generate the main key using @code{balloon(BLAKE2b-256, S, T, P,
-salt, password)}
-@item initialize @url{https://blake2.net/, BLAKE2Xb} XOF with generated
-main key and 96-byte output length
-@item feed @verb{|N N C P B 0x00 0x00 0x02|} magic number to XOF
-@item read 32-bytes of blob encryption key
-@item read 64-bytes of blob authentication key
-@item encrypt the blob using @url{https://cr.yp.to/chacha.html,
-ChaCha20}. Blob is splitted on 128 KiB blocks. Each block is encrypted
-with increasing nonce counter
-@item authenticate ciphertext with MAC
+@item generate the key using @code{balloon(BLAKE2b-256, S, T, P, salt, password)}
+@item encrypt and authenticate blob using
+ @url{https://cr.yp.to/chacha.html, ChaCha20}-@url{https://en.wikipedia.org/wiki/Poly1305, Poly1305}.
+ EBlob packet itself, with empty blob field, is fed as an additional authenticated data