by bascule
4230 days ago
Nobody is questioning whether AES-GCM is a good algorithm or not; however, you are using AES-GCM as part of a hand-rolled transport encryption protocol, and this is what's worrisome. Designing a transport encryption protocol is a difficult endeavor, and it seems you have skipped most of the steps (e.g. replay attack prevention) but suggest that it's irrelevant because other parts of the protocol provide security (e.g. the SWIM state machine). This makes your protocol difficult to audit: someone concerned about potential attacks can't just look at your protocol in isolation, but has to factor the underlying protocol state machine into the security of your transport encryption protocol.