channel, e.g. some requests may have strong replay protection, others
won’t.
--markulf
From: Benjamin Kaduk [mailto:bka...@akamai.com]
Sent: 23 May 2017 18:35
To: Markulf Kohlweiss <mark...@microsoft.com>; tls@ietf.org
Cc: Samin Ishtiaq <samin.isht...@microsoft.com>; Antoine Del
Dear Eric, Britta,
I am paraphrasing a long thread on the issue that we had within
the miTLS development team, and I am primarily commenting on the
analysis aspects. I also hope that it will clarify any remaining
problems of understanding that I have on the issue.
If we see EOED as a stream
Hello,
Our analysis of miTLS also supports option a)
A security level of 2^-32 seems too low from a provable security point of view,
especially for a confidentiality bound.
We verified an implementation of the TLS 1.3 record
(https://eprint.iacr.org/2016/1178, to appear at Security & Privacy