diff --git a/README b/README
index 2eae0fe..5e24bc7 100644
--- a/README
+++ b/README
@@ -79,13 +79,13 @@ SECURITY
 
 git-crypt is more secure that other transparent git encryption systems.
 git-crypt encrypts files using AES-256 in CTR mode with a synthetic IV
-derived from the SHA-1 HMAC of the file.  This mode of operation is provably semantically
-secure under deterministic chosen-plaintext attack.  That means that
-although the encryption is deterministic (which is required so git can
-distinguish when a file has and hasn't changed), it leaks no information
-beyond whether two files are identical or not.  Other proposals for
-transparent git encryption use ECB or CBC with a fixed IV.  These systems
-are not semantically secure and leak information.
+derived from the SHA-1 HMAC of the file.  This mode of operation is
+provably semantically secure under deterministic chosen-plaintext attack.
+That means that although the encryption is deterministic (which is
+required so git can distinguish when a file has and hasn't changed),
+it leaks no information beyond whether two files are identical or not.
+Other proposals for transparent git encryption use ECB or CBC with a
+fixed IV.  These systems are not semantically secure and leak information.
 
 
 LIMITATIONS
diff --git a/README.md b/README.md
index 058f6ea..5958a7c 100644
--- a/README.md
+++ b/README.md
@@ -81,13 +81,13 @@ Security
 
 git-crypt is more secure that other transparent git encryption systems.
 git-crypt encrypts files using AES-256 in CTR mode with a synthetic IV
-derived from the SHA-1 HMAC of the file.  This mode of operation is provably semantically
-secure under deterministic chosen-plaintext attack.  That means that
-although the encryption is deterministic (which is required so git can
-distinguish when a file has and hasn't changed), it leaks no information
-beyond whether two files are identical or not.  Other proposals for
-transparent git encryption use ECB or CBC with a fixed IV.  These
-systems are not semantically secure and leak information.
+derived from the SHA-1 HMAC of the file.  This mode of operation is
+provably semantically secure under deterministic chosen-plaintext attack.
+That means that although the encryption is deterministic (which is
+required so git can distinguish when a file has and hasn't changed),
+it leaks no information beyond whether two files are identical or not.
+Other proposals for transparent git encryption use ECB or CBC with a
+fixed IV.  These systems are not semantically secure and leak information.
 
 Limitations
 -----------