Old work item which we kept putting off for later. Still not there (missing a few bits of C and Verilog we'd want to do this), but to get some of what I've been thinking written down where others can review, I've posted:
https://wiki.cryptech.is/wiki/SecureChannel Comments welcome. Apologies to readers who don't have access to the referenced texts, particularly Cryptography Engineering. Their "Secure Channel" protocol is a nice simple thing using the obvious algorithms (AES and SHA-2-HMAC), in this particular case I do mostly trust the authors to have gotten the protocol details right. I'm sure that someone will quibble with XDR, for now take it as read that we're already using XDR and I see no need to change that here. _______________________________________________ Tech mailing list Tech@cryptech.is https://lists.cryptech.is/listinfo/tech
