"Both the privacy and the authenticity properties of OCB degrade as
per s^2 / 2^128, where s is the total number of blocks that the
adversary acquires.... In order to ensure that s^2 / 2^128 remains
small, a given key should be used to encrypt at most 2^48 blocks (2^55
bits or 4 petabytes)"
-- http://tools.ietf.org/html/draft-krovetz-ocb-03
We deem it unlikely that a legitimate user will send 4 PB through a Mosh
session. If it happens, we simply kill the session. The server and
client use the same key, so we actually need to die after 2^47 blocks.
Closes#77.
Keegan McAllister
b4ef664bc0