[Cryptography] Low grade randomness for padding.

Kent Borg kentborg at borg.org
Wed Feb 10 11:13:38 EST 2021


On 2/9/21 12:40 PM, Phillip Hallam-Baker wrote:
> So, the last thing I need to write for the Mesh is a presentation 
> layer. This has the primary function of providing authentication over 
> HTTP and encryption and authentication over UDP.
>
> The UDP packet format is intentionally as opaque as possible, there 
> are two basic types of packet


The responses all seem concerned with padding being a covert channel risk.

Another concern is leaking data through message length. (Encrypted voice 
can frequently understood just on data sizes over time.) Padding with 
random data fights that.


-kb

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210210/0254293f/attachment.htm>


More information about the cryptography mailing list