diff --git a/handshake/crypto_setup_client.go b/handshake/crypto_setup_client.go
index 9bbc4e11..a4acab93 100644
--- a/handshake/crypto_setup_client.go
+++ b/handshake/crypto_setup_client.go
@@ -302,14 +302,14 @@ func (h *cryptoSetupClient) Open(dst, src []byte, packetNumber protocol.PacketNu
 	return res, protocol.EncryptionUnencrypted, nil
 }
 
-func (h *cryptoSetupClient) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte {
+func (h *cryptoSetupClient) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel) {
 	if h.forwardSecureAEAD != nil {
-		return h.forwardSecureAEAD.Seal(dst, src, packetNumber, associatedData)
+		return h.forwardSecureAEAD.Seal(dst, src, packetNumber, associatedData), protocol.EncryptionForwardSecure
 	}
 	if h.secureAEAD != nil {
-		return h.secureAEAD.Seal(dst, src, packetNumber, associatedData)
+		return h.secureAEAD.Seal(dst, src, packetNumber, associatedData), protocol.EncryptionSecure
 	}
-	return (&crypto.NullAEAD{}).Seal(dst, src, packetNumber, associatedData)
+	return (&crypto.NullAEAD{}).Seal(dst, src, packetNumber, associatedData), protocol.EncryptionUnencrypted
 }
 
 func (h *cryptoSetupClient) DiversificationNonce() []byte {
diff --git a/handshake/crypto_setup_client_test.go b/handshake/crypto_setup_client_test.go
index 4c19d649..b206db00 100644
--- a/handshake/crypto_setup_client_test.go
+++ b/handshake/crypto_setup_client_test.go
@@ -676,7 +676,9 @@ var _ = Describe("Crypto setup", func() {
 
 		Context("null encryption", func() {
 			It("is used initially", func() {
-				Expect(cs.Seal(nil, []byte("foobar"), 0, []byte{})).To(Equal(foobarFNVSigned))
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				Expect(d).To(Equal(foobarFNVSigned))
+				Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
 			})
 
 			It("is accepted initially", func() {
@@ -709,8 +711,9 @@ var _ = Describe("Crypto setup", func() {
 			It("is used immediately when available", func() {
 				doCompleteREJ()
 				cs.receivedSecurePacket = false
-				d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
 				Expect(d).To(Equal([]byte("foobar  normal sec")))
+				Expect(enc).To(Equal(protocol.EncryptionSecure))
 			})
 
 			It("is accepted", func() {
@@ -736,8 +739,9 @@ var _ = Describe("Crypto setup", func() {
 				_, enc, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
 				Expect(err).ToNot(HaveOccurred())
 				Expect(enc).To(Equal(protocol.EncryptionForwardSecure))
-				d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
 				Expect(d).To(Equal([]byte("foobar forward sec")))
+				Expect(enc).To(Equal(protocol.EncryptionForwardSecure))
 			})
 		})
 	})
diff --git a/handshake/crypto_setup_interface.go b/handshake/crypto_setup_interface.go
index 91a234d0..42cd923c 100644
--- a/handshake/crypto_setup_interface.go
+++ b/handshake/crypto_setup_interface.go
@@ -6,7 +6,7 @@ import "github.com/lucas-clemente/quic-go/protocol"
 type CryptoSetup interface {
 	HandleCryptoStream() error
 	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
-	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
+	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel)
 	LockForSealing()
 	UnlockForSealing()
 	HandshakeComplete() bool
diff --git a/handshake/crypto_setup_server.go b/handshake/crypto_setup_server.go
index 593fe115..2293716a 100644
--- a/handshake/crypto_setup_server.go
+++ b/handshake/crypto_setup_server.go
@@ -185,13 +185,13 @@ func (h *cryptoSetupServer) Open(dst, src []byte, packetNumber protocol.PacketNu
 }
 
 // Seal a message, call LockForSealing() before!
-func (h *cryptoSetupServer) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte {
+func (h *cryptoSetupServer) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel) {
 	if h.receivedForwardSecurePacket {
-		return h.forwardSecureAEAD.Seal(dst, src, packetNumber, associatedData)
+		return h.forwardSecureAEAD.Seal(dst, src, packetNumber, associatedData), protocol.EncryptionForwardSecure
 	} else if h.secureAEAD != nil {
-		return h.secureAEAD.Seal(dst, src, packetNumber, associatedData)
+		return h.secureAEAD.Seal(dst, src, packetNumber, associatedData), protocol.EncryptionSecure
 	} else {
-		return (&crypto.NullAEAD{}).Seal(dst, src, packetNumber, associatedData)
+		return (&crypto.NullAEAD{}).Seal(dst, src, packetNumber, associatedData), protocol.EncryptionUnencrypted
 	}
 }
 
diff --git a/handshake/crypto_setup_server_test.go b/handshake/crypto_setup_server_test.go
index 1902b6aa..e1b8eb1f 100644
--- a/handshake/crypto_setup_server_test.go
+++ b/handshake/crypto_setup_server_test.go
@@ -573,7 +573,9 @@ var _ = Describe("Crypto setup", func() {
 
 		Context("null encryption", func() {
 			It("is used initially", func() {
-				Expect(cs.Seal(nil, []byte("foobar"), 0, []byte{})).To(Equal(foobarFNVSigned))
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				Expect(d).To(Equal(foobarFNVSigned))
+				Expect(enc).To(Equal(protocol.EncryptionUnencrypted))
 			})
 
 			It("is accepted initially", func() {
@@ -605,16 +607,18 @@ var _ = Describe("Crypto setup", func() {
 
 			It("is not used after CHLO", func() {
 				doCHLO()
-				d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
 				Expect(d).ToNot(Equal(foobarFNVSigned))
+				Expect(enc).ToNot(Equal(protocol.EncryptionUnencrypted))
 			})
 		})
 
 		Context("initial encryption", func() {
 			It("is used after CHLO", func() {
 				doCHLO()
-				d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
 				Expect(d).To(Equal([]byte("foobar  normal sec")))
+				Expect(enc).To(Equal(protocol.EncryptionSecure))
 			})
 
 			It("is accepted after CHLO", func() {
@@ -629,8 +633,9 @@ var _ = Describe("Crypto setup", func() {
 				doCHLO()
 				_, _, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
 				Expect(err).ToNot(HaveOccurred())
-				d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
 				Expect(d).To(Equal([]byte("foobar forward sec")))
+				Expect(enc).To(Equal(protocol.EncryptionForwardSecure))
 			})
 
 			It("is not accepted after receiving forward secure packet", func() {
@@ -649,8 +654,9 @@ var _ = Describe("Crypto setup", func() {
 				_, enc, err := cs.Open(nil, []byte("forward secure encrypted"), 0, []byte{})
 				Expect(enc).To(Equal(protocol.EncryptionForwardSecure))
 				Expect(err).ToNot(HaveOccurred())
-				d := cs.Seal(nil, []byte("foobar"), 0, []byte{})
+				d, enc := cs.Seal(nil, []byte("foobar"), 0, []byte{})
 				Expect(d).To(Equal([]byte("foobar forward sec")))
+				Expect(enc).To(Equal(protocol.EncryptionForwardSecure))
 			})
 		})
 	})
diff --git a/packet_packer_test.go b/packet_packer_test.go
index 15b2a078..dbc57d94 100644
--- a/packet_packer_test.go
+++ b/packet_packer_test.go
@@ -19,8 +19,8 @@ func (m *mockCryptoSetup) HandleCryptoStream() error { return nil }
 func (m *mockCryptoSetup) Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error) {
 	return nil, protocol.EncryptionUnspecified, nil
 }
-func (m *mockCryptoSetup) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte {
-	return append(src, bytes.Repeat([]byte{0}, 12)...)
+func (m *mockCryptoSetup) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel) {
+	return append(src, bytes.Repeat([]byte{0}, 12)...), protocol.EncryptionUnspecified
 }
 func (m *mockCryptoSetup) LockForSealing()                      {}
 func (m *mockCryptoSetup) UnlockForSealing()                    {}
diff --git a/packet_unpacker.go b/packet_unpacker.go
index 6e50809d..350faa70 100644
--- a/packet_unpacker.go
+++ b/packet_unpacker.go
@@ -12,7 +12,7 @@ import (
 
 type quicAEAD interface {
 	Open(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel, error)
-	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte
+	Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel)
 }
 
 type packetUnpacker struct {
diff --git a/packet_unpacker_test.go b/packet_unpacker_test.go
index 008d853d..20915cf9 100644
--- a/packet_unpacker_test.go
+++ b/packet_unpacker_test.go
@@ -20,8 +20,8 @@ func (m *mockAEAD) Open(dst, src []byte, packetNumber protocol.PacketNumber, ass
 	res, err := (&crypto.NullAEAD{}).Open(dst, src, packetNumber, associatedData)
 	return res, m.encLevelOpen, err
 }
-func (m *mockAEAD) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) []byte {
-	return (&crypto.NullAEAD{}).Seal(dst, src, packetNumber, associatedData)
+func (m *mockAEAD) Seal(dst, src []byte, packetNumber protocol.PacketNumber, associatedData []byte) ([]byte, protocol.EncryptionLevel) {
+	return (&crypto.NullAEAD{}).Seal(dst, src, packetNumber, associatedData), protocol.EncryptionUnspecified
 }
 
 var _ quicAEAD = &mockAEAD{}
@@ -47,7 +47,7 @@ var _ = Describe("Packet unpacker", func() {
 	})
 
 	setData := func(p []byte) {
-		data = unpacker.aead.Seal(nil, p, 0, hdrBin)
+		data, _ = unpacker.aead.Seal(nil, p, 0, hdrBin)
 	}
 
 	It("does not read read a private flag for QUIC Version >= 34", func() {