They published a brand new TLS-like protocol in a top academic security conference without a proof of security.
That's the point you keep missing. It's *NOT* a "problem". It's a feature, not a bug, to do confirmation on the transport layer. Please read this post: https://lists.zx2c4.com/pipermail/wireguard/2018-January/002333.html … It allows us to have a DH-only protocol with only two non-droppable messages.
-
-
First off, the “fix” doesn’t increase the number of rounds, does it? Second, surely there is an alternative fix that satisfies your requirements.
-
Did you read that mailing list post? I've pasted it a few times here. The modification increases the number of non-droppable messages. It's not suitable for a real world WireGuard protocol. Kenny, Ben, and I discussed this and were in agreement.
- 12 more replies
New conversation -
-
This Tweet is unavailable.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.