At the very least, you should be precise about what part of the literature you’re criticizing, since WireGuard didn’t make the protocol up.
Replying to @tqbf @matthew_d_green and
esp. because OTHER THINGS use that protocol!
1 reply 0 retweets 0 likes -
Replying to @tqbf @EdgeSecurity and
I’m criticizing WireGuard. Or more accurately I’m criticizing NDSS for accepting a paper with no security proof. I don’t know the precise relationship between WG and Noise. If you say they’re exactly the same, then that seems twice as bad. But irrelevant to NDSS.
1 reply 0 retweets 1 like -
Replying to @matthew_d_green @tqbf and
Except there's no part that's "bad" to be twiced. Noise has real merits and is a solid set of protocols that lives up to rigorous security analysis. We're now starting to get the first batch of proofs and analysis of Noise protocols. Things are looking quite positive, not "bad"
2 replies 0 retweets 0 likes -
Replying to @EdgeSecurity @tqbf and
To repeat. My problem here is with NDSS, for accepting this backwards order of operations. Not with you.
1 reply 0 retweets 0 likes -
Replying to @matthew_d_green @tqbf and
Understood. Now there's this protocol. NDSS accepted it. It's being used. There are a few proofs. More proofs are coming. You would have liked everything to be done in reverse. Understandable. The fact that there's no impending disaster --
1 reply 0 retweets 0 likes -
Replying to @EdgeSecurity @matthew_d_green and
-- because the protocol is solid -- means that it will be good interesting work for future people improving computational models.
1 reply 0 retweets 0 likes -
Replying to @EdgeSecurity @tqbf and
On the other hand, we did TLS this way and it’s been twenty solid years of attacks. Just because you survive one adventure doesn’t mean you survive them all.
1 reply 0 retweets 0 likes -
Replying to @matthew_d_green @tqbf and
I'm pretty sure the comparison here to TLS is ridiculous. The proofs we currently _already have_ of WireGuard put it leagues beyond issues found in TLS.
1 reply 0 retweets 0 likes -
Replying to @EdgeSecurity @tqbf and
Because we have twenty years of seeing how TLS did it wrong to learn from. I thought one of the lessons we learned was to structure protocols for easier cryptographic analysis.
1 reply 0 retweets 0 likes
And Noise does quite a bit differently from TLS. WireGuard itself is designed to specifically not be TLS. We've indeed learned tons from the failings of TLS and brought those lessons into Noise and into WireGuard. The comparison to TLS here just isn't a good one.