At the very least, you should be precise about what part of the literature you’re criticizing, since Wireguard didn’t make the protocol up.
Without introducing signatures? Keeping it DH-only? Good luck. If you've got cryptographic advancements like this, I'm sure @trevp__ and the Noise mailing list would be very interested to hear your suggestions.
-
-
I’m still not clear why the extra (Paterson) message flow can’t be a few extra bytes in the same message as the first normal record flow.
-
Because it'd have to then be in every message, due to drops. Same problem as the original. It'd also hurt the MTU and make the state machine hugely more complicated. An additional mandatory message is not acceptable.
- 8 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.