But now that we do have definitions, would you consider it ideal for people to still be making things up as they go?
-
-
-
They published a brand new TLS-like protocol in a top academic security conference without a proof of security.
2 replies 0 retweets 2 likes -
-
Right, the issue he has is with
@trevp__ 's NoiseIK -- https://noiseprotocol.org/noise.pdf Notably the only security analysis done on other aspects of the WireGuard protocol -- such as the Cookies and defense-in-depth design -- has been in the original NDSS paper.1 reply 0 retweets 0 likes -
Replying to @EdgeSecurity @tqbf and
I don’t understand why “NoiseIK May have the same weakness” is making this better.
2 replies 0 retweets 1 like -
Replying to @matthew_d_green @tqbf and
"Making it better?" It sounds to me like you're just thoroughly confused. WireGuard implements NoiseIK. The Dowling/Paterson paper and the Tamarin paper analyze NoiseIK. That's the topic of our conversation here. "Same weakness": also, there's no weakness even found here, so...
1 reply 0 retweets 0 likes -
Replying to @EdgeSecurity @tqbf and
Due respect, I’m just responding to Thomas’s comment. No need to be rude about it.
1 reply 0 retweets 1 like -
Replying to @matthew_d_green @tqbf and
No disrespect intended. Trying to clarify what appears to be a misunderstanding about what part of WireGuard is being analyzed in these papers. The key exchange is (with the three horizontal lines) NoiseIK. That's all.
1 reply 0 retweets 0 likes -
Replying to @EdgeSecurity @tqbf and
I looked at the paper as it is. I don’t know how much you changed from NoiseIK. If it’s the same as NoiseIK than that seems like two issues not one.
2 replies 0 retweets 1 like
As the paper writes, it's not changed from NoiseIKpsk2. You can drop in any Noise implementation and have it talk WireGuard. More talk of "issues" though. I'm pretty sure that zero issues times two is still zero.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.