Message posted by The Doctor (Member since 10/20/2022) on February 10, 2023 at 7:58:23 PST:
The thing that gets me is, why is the other side not using authenticated encryption? That would prevent most forms of spoofing (because the source could be checked and ignored if it doesn't match, which also means that ephemeral keys can be changed on the fly) as well as replay attacks (record a telemetry stream, retransmit it to send valid but situationally incorrect data)
In Reply to: Re: Tic Tac / David Fravor posted by Joerg (Webmaster) on February 09, 2023 at 17:16:26 PST:
Replies: