So wait, NDSS accepted and published an entire new VPN protocol with no security analysis?
The modified protocol is nothing more than a theoretical exercise for the purpose of their proof -- it would not work in the real world with WireGuard's reduced state machine and UDP -- but it is still useful to do eCK proofs on the modified protocol, to then argue similarity.
-
-
I’d argue it kind of sucks. If WireGuard was one message away from a formal reduction proof, it would have been much better to finalize the protocol with that message.
-
Except that would destroy important other properties of the protocol. Doing the confirmation on the transport layer is _very important_ - a feature. See here: https://lists.zx2c4.com/pipermail/wireguard/2018-January/002333.html … Computational techniques simply need to catch up to what these modern Noise-based protocols need.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.