Hi Valery,

On Tue, Jul 26, 2022 at 12:04:34PM +0300, Valery Smyslov wrote:
>
> If we assume that we are in Dolev-Yao threat model, then an attacker has no access
> to inside the hosts, but it has an unlimited power on the network. Generally speaking
> with this model the most sensible thing is to count only the outgoing traffic
> and not the incoming traffic. Below is described why.

Without making a statement about your conclusion, are you aware of the
discussion in
https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-aead-limits-05#section-4
about an Integrity Limit that bounds the number of decryption attempts,
whether successful or unsuccessful, using a single key?

Thanks,

Ben

_______________________________________________
IPsec mailing list
IPsec@ietf.org
https://www.ietf.org/mailman/listinfo/ipsec