@cstross effort is not antithetical to enjoyment, seems the phrase you quoted is still accurate?
Notices by Simo ✔️ (simo5@fosstodon.org)
Simo ✔️ (simo5@fosstodon.org)'s status on Monday, 11-Nov-2024 22:14:40 JST Simo ✔️
Simo ✔️ (simo5@fosstodon.org)'s status on Monday, 11-Nov-2024 22:05:52 JST Simo ✔️ @cstross don't you put effort in writing your books?
Simo ✔️ (simo5@fosstodon.org)'s status on Friday, 08-Nov-2024 10:17:51 JST Simo ✔️ @david_chisnall and we get to three where I'd say you are concentrating on the wrong problem, AES GCM (and similar) give you most of what you need, so apply the KISS principle and just waste a few bits for error correction.
You already have simple CRC checking in most of the underlying packet handling, just extend that to be proper error correction instead of just detection. Bandwidth is not *that* important if your goal is latency, if latency is not a problem then a retransmit is just fine.
Simo ✔️ (simo5@fosstodon.org)'s status on Friday, 08-Nov-2024 10:17:04 JST Simo ✔️ @david_chisnall as for (2) you are asking for double integrity checking, what's the use? Again independent processing would require an additional MAC.. potentially a MAC could be used for error correction, but it would be quite expensive to do that w/o introducing forgeability issues.
Simo ✔️ (simo5@fosstodon.org)'s status on Friday, 08-Nov-2024 10:07:12 JST Simo ✔️ @david_chisnall I am not a certified cryptographer but adding error correction requires redundancy one way or another, so doing it after encryption is simpler and faster (hw can deal with it easily). Doing it as part of the cipher sounds like a recipe for a weak cipher and probably a good way to create side-channels that will quickly compromise the private key.
Do not recommend.
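
The layering discussed in these posts (error correction applied after encryption, with the MAC still deciding integrity), as an added example that is not part of the original posts: Hamming(7,4) over ciphertext plus tag. HMAC-SHA256 stands in for the AES-GCM tag because the Python standard library has no AES-GCM; the key, the ciphertext bytes and all function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"                    # constructed sample key
CIPHERTEXT = bytes.fromhex("8f3a1c5de2074b99")   # constructed stand-in for AEAD ciphertext
TAG_LEN = 16

def _enc_nibble(n):
    """Hamming(7,4): parity at positions 1,2,4; data at positions 3,5,6,7."""
    d = [(n >> i) & 1 for i in range(4)]
    bits = [d[0] ^ d[1] ^ d[3], d[0] ^ d[2] ^ d[3], d[0],
            d[1] ^ d[2] ^ d[3], d[1], d[2], d[3]]
    return sum(b << i for i, b in enumerate(bits))

def _dec_codeword(c):
    """Correct at most one flipped bit, then return the 4 data bits."""
    syndrome = 0
    for pos in range(1, 8):
        if (c >> (pos - 1)) & 1:
            syndrome ^= pos
    if syndrome:                  # nonzero syndrome names the flipped position
        c ^= 1 << (syndrome - 1)
    return sum(((c >> src) & 1) << dst for dst, src in enumerate((2, 4, 5, 6)))

def ecc_encode(data):
    return bytes(cw for b in data for cw in (_enc_nibble(b & 0xF), _enc_nibble(b >> 4)))

def ecc_decode(coded):
    return bytes(_dec_codeword(coded[i]) | (_dec_codeword(coded[i + 1]) << 4)
                 for i in range(0, len(coded), 2))

def _tag(ct):
    # HMAC-SHA256 stands in for the AES-GCM tag (assumption: stdlib only).
    return hmac.new(KEY, ct, hashlib.sha256).digest()[:TAG_LEN]

def send(ct):
    """Redundancy is added last, over ciphertext || tag."""
    return ecc_encode(ct + _tag(ct))

def receive(frame):
    """Undo channel errors first; the tag alone decides whether to accept."""
    blob = ecc_decode(frame)
    ct, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return ct if hmac.compare_digest(tag, _tag(ct)) else None

def flip(frame, index, bit):
    """Simulate channel noise: flip one bit of one codeword byte."""
    buf = bytearray(frame)
    buf[index] ^= 1 << bit
    return bytes(buf)
```

One flipped bit per codeword is repaired before the tag is checked; two flips in the same codeword are miscorrected by the code, and the tag check rejects the frame rather than accepting altered ciphertext.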