[noise] Another anti-DoS Approach: MAC the message with the recipient's public key

[Jason A. Donenfeld]

On Thu, Nov 12, 2015 at 4:00 AM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
> Something similar for post-quantum security, treating the public key
> as a secret would be to call MixKey(rs) during the initiation...

Or, even easier, in addition to the "prologue" parameter to
initialization, what about adding "additional key material (akm)".
After the MixHash(prologue), there'd be a MixKey(akm). This would
allow for a wide variety of things here, such as akm=s||rs.