We are using AEAD inside this library, should we implement a key commitment scheme?
keys are pseudo-random (KDF, so I lean toward a KISS: no), the validation endpoint might act as an oracle in a potential key partionning attack against the cookie, let's verify and make sure it does not happen.
Key commitment could just remove that risk.
References:
We are using AEAD inside this library, should we implement a key commitment scheme?
keys are pseudo-random (KDF, so I lean toward a KISS: no), the validation endpoint might act as an oracle in a potential key partionning attack against the cookie, let's verify and make sure it does not happen.
Key commitment could just remove that risk.
References: