by gruez 2665 days ago
AFAIK the protocol is merely TLS 1.3 with fixed DH parameters. In that case it's pretty easy to detect: keep a client-side list of DH parameters used by servers (hashed, limited to the last n connections), and terminate any connection that shows reuse.
1 comments

You're essentially losing PFS if you do this, since those keys are now available. This would work, though it would probably have to be at the application level.
>(hashed, limited to the last n connections)
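
An added example, not part of the original comments: a sketch of the client-side check described in the thread, storing only hashes of the last n server key shares and refusing a connection that repeats one. The class and method names are hypothetical, and it assumes the application can read the server's `key_share` bytes from its TLS stack; the sample key shares are constructed.

```python
import hashlib
from collections import OrderedDict


class KeyShareReuseDetector:
    """Remembers hashes of the last `capacity` server key shares (hypothetical helper)."""

    def __init__(self, capacity=1024):
        self.capacity = capacity
        self._seen = OrderedDict()  # digest -> server that first presented it

    @staticmethod
    def _digest(group, key_share):
        # Hash the named group together with the share so identical bytes
        # in different groups are tracked separately. Only the digest is kept.
        h = hashlib.sha256()
        h.update(group.to_bytes(2, "big"))
        h.update(key_share)
        return h.digest()

    def observe(self, server, group, key_share):
        """Return True to continue the handshake, False if the share was seen before."""
        d = self._digest(group, key_share)
        if d in self._seen:
            self._seen.move_to_end(d)  # keep a reused share in the window
            return False
        self._seen[d] = server
        if len(self._seen) > self.capacity:
            self._seen.popitem(last=False)  # forget the oldest entry
        return True


def run_demo():
    X25519 = 0x001D  # TLS 1.3 named group id for x25519
    # Constructed 32-byte key shares standing in for ServerHello values.
    a, b, c = (bytes(range(i, i + 32)) for i in range(3))
    det = KeyShareReuseDetector(capacity=2)
    return [
        det.observe("a.example", X25519, a),  # first sight: allowed
        det.observe("a.example", X25519, a),  # immediate reuse: refused
        det.observe("b.example", X25519, b),
        det.observe("c.example", X25519, c),  # evicts the hash of `a`
        det.observe("a.example", X25519, a),  # reuse outside the window: missed
    ]


if __name__ == "__main__":
    print(run_demo())
```

The last call shows the cost of bounding the list: a server that reuses a key share less often than once per n observed connections is not caught.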