Ignore expected IVs that arrive by the wrong transport.

This prevents an attacker from replaying connections to test whether a
transport endpoint has the same owner as an endpoint on another
transport (eg probing a Bluetooth device to see whether it has the
same owner as a given internet host).