tgeoghegan
commented
1 month ago This should merge cleanly before or after #554, despite touching nearby text.
Closed tgeoghegan closed 1 month ago
tgeoghegan
commented
1 month ago This should merge cleanly before or after #554, despite touching nearby text.
Discuss explicitly the attack prevented by enforcing unique report IDs, which is to stop honest Client reports from being replayed. This would also be necessary to satisfy VDAF's requirement of nonce uniqueness, but it's not yet clear VDAF will impose that exact requirement (see 1).
There's no functional change here, but hopefully being explicit can short-circuit future discussion of why we have this expensive requirement.
See #558 for motivating discussion.