We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub?
to your account
problem: CBC in TLS uses a static IV
solution: randomize IV by always sending an empty application data record before any with payload
The text was updated successfully, but these errors were encountered:
mitigation in #37
Sorry, something went wrong.
I am convinced this problem is solved in our stack. It would be great to have another pair of eyes looking over it and commenting here..
clean pass #2
Every vector of appdata records has an empty one prepended on send, in CBC.
No branches or pull requests