diff --git a/README.md b/README.md
index 9fe7ea7..3677479 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,7 @@
 ## Low-level access to handshake
 * Read/write access to all bits of client hello message.  
 * Read access to fields of ClientHandshakeState, which, among other things, includes ServerHello and MasterSecret.
+* Read keystream. Can be used to "write" something in ciphertext.
 ## ClientHello fingerprinting resistance
 Golang's ClientHello has a very unique fingerprint, which especially sticks out on mobile clients,
 where Golang is not too popular yet.
diff --git a/u_conn.go b/u_conn.go
index d878304..17ce702 100644
--- a/u_conn.go
+++ b/u_conn.go
@@ -435,3 +435,14 @@ func (uconn *UConn) MarshalClientHello() error {
 	hello.Raw = helloBuffer.Bytes()
 	return nil
 }
+
+// get current state of cipher and encrypt zeros to get keystream
+func (uconn *UConn) GetOutKeystream(length int) ([]byte, error) {
+	zeros := make([]byte, length)
+
+	if outCipher, ok := uconn.out.cipher.(cipher.AEAD); ok {
+		// AEAD.Seal() does not mutate internal state, other ciphers might
+		return outCipher.Seal(nil, uconn.out.seq[:], zeros, nil), nil
+	}
+	return nil,  errors.New("Could not convert OutCipher to cipher.AEAD")
+}