Closed kalkin closed 6 years ago
Actually I think the best approach would be to specify a MAX_MSG_LEN
and to pad every plaintext
with (random(len(plaintext), MAX_MSG_LEN)
. Of course we shouldn't allow sending any messages bigger than MAX_MSG_LEN
. If MAX_MSG_LEN == 4096
, this shouldn't be an issue.
That would completely standardise the message length, and it's another possible approach. An assumption is that you won't be embedding anything larger than 4096 characters into the message.
That looks ok to apply a minimum padding, although longer messages could still have variable lengths which might be indicative of the content (i.e. maybe not entirely forward secret).