> -----Original Message----- > From: Martin Thomson [mailto:martin.thom...@gmail.com] > Sent: Tuesday, March 28, 2017 11:46 AM > To: Scott Fluhrer (sfluhrer) > Cc: <tls@ietf.org> > Subject: Re: [TLS] The alternative idea I had for token buckets. > > On 28 March 2017 at 10:41, Scott Fluhrer (sfluhrer) <sfluh...@cisco.com> > wrote: > > E_K(R); that is, R is encrypted with the server's long term key. > > > > (I meant to specify that...) > > > OK, so how does the server recover E_K(R)? The point here is that it doesn't > know R.
The server recovers E_K(R) because the client sent it (along with i and the protected message). It recovers R because it also knows K. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
