Been looking at this today!
The fixed-size 272 byte frames, great choice for blinding some TA on interactive sessions. That's going to be very slow for downloads though, with the extra GCM tags. Are you open to making this part modal?
Are zero-relevant-data-bytes frames legit? If not, could use zero as a sentinel value to signal that it's a jumbo frame. Rounding jumbo frames to be 272 congruent would look the same to a MITM, but be much faster.
Other q: why not start the IV with the shared PRF? Just for some defense in depth against future weaknesses.