channel, e.g. some requests may have strong replay protection, others
won’t.
--markulf
From: Benjamin Kaduk [mailto:bka...@akamai.com]
Sent: 23 May 2017 18:35
To: Markulf Kohlweiss ; tls@ietf.org
Cc: Samin Ishtiaq ; Antoine Delignat-Lavaud
; Britta Hale
Subject: Re: [TLS] Comments on
Dear Eric, Britta,
I am paraphrasing a long thread on the issue that we had within
the miTLS development team, and I am primarily commenting on the
analysis aspects. I also hope that it will clarify any remaining
problems of understanding that I have on the issue.
If we see EOED as a stream termi
Hello,
Our analysis of miTLS also supports option a)
A security level of 2^-32 seems too low from a provable security point of view,
especially for a confidentiality bound.
We verified an implementation of the TLS 1.3 record
(https://eprint.iacr.org/2016/1178, to appear at Security & Privacy 2