Sane high-level APIs don’t let users specify nonces. So Enc(K, M) picks random N, returns T” || T || C ; Dec(K, T” || T || C) -> M
-
-
Okay, so this approach only works if you do not have any additional data (A,Z). I don’t see how to protect integrity of it.
-
Absorb A and Z also in the second pass.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.