diff --git a/Notes-on-encryption.md b/Notes-on-encryption.md
index b632140..b047c43 100644
--- a/Notes-on-encryption.md
+++ b/Notes-on-encryption.md
@@ -18,7 +18,7 @@ In udp2raw, not only the data but also udp2raw protocol itself will be obsecured
 
 When `md5` and `aes` are used, udp2raw use the hash-then-encrpy scheme, encrpyted hash is served as mac. The security is less than using hmac, but the md5 option is kept for compatiblity.
 
-When `hmac-sha1` and `aes` are used, first udp2raw will use PKCS5_PBKDF2 for key strenghing and HKDF for key deriving, then use a encrypt-then-mac scheme.
+When `hmac-sha1` and `aes` are used, first udp2raw will use PKCS5_PBKDF2 for key strenghing and HKDF for key deriving, then use the encrypt-then-mac scheme.
 
 To prevent replay a whole connection, udp2raw client and server will challenge each other with random numbers.