On Thu, Oct 10, 2013 at 3:32 PM, John Kelsey <crypto....@gmail.com> wrote:
>  The goal is to have an inner protocol which can run inside TLS or some 
> similar thing
> Suppose we have this inner protocol running inside a TLS version that is 
> subject to one of the CBC padding reaction attacks.  The inner protocol 
> completely blocks that.

If you can design an "inner protocol" to resist such attacks - which
you can, easily - why wouldn't you just design the "outer protocol"
the same way?

The cryptography mailing list

Reply via email to