[noise] encrypted nonce / udp packet number
Arvid Picciani
aep at exys.org
Fri Jul 20 16:11:42 PDT 2018
the QUIC protocol apparantly is able to encrypt the packet sequence
number (separately from the payload)
https://tools.ietf.org/html/draft-ietf-quic-tls-13#section-5.3
does anyone understand how they do this at all?
As far as i understand, it is not safe to reuse the same nonce for an
AEAD with different plaintext,
so without having a unique nonce, how do you encrypt the .. nonce?
More information about the Noise
mailing list