So wait, NDSS accepted and published an entire new VPN protocol with no security analysis?
-
-
Replying to @matthew_d_green
wait, crypto conferences accept new protocols with no working implementation? and with security proofs covering only a small part of the attack surface, with no formal verification :)
2 replies 4 retweets 20 likes -
Replying to @veorq @matthew_d_green
when the Signal protocol came out, unproved and unverified, but Moxie+Trevor-designed, nobody asked for proofs, we didn't even have specs :)
2 replies 3 retweets 24 likes -
Replying to @veorq
But now that we do have definitions, would you consider it ideal for people to still be making things up as they go?
3 replies 0 retweets 3 likes -
Replying to @matthew_d_green
Wireguard wasn't a random rolling-my-own-crypto protocol, but clearly improving the state of the art, based in part on ideas from Noise, and reviewed by competent people; proof is a bonus.. other initially-proofless protocols include Signal, Tor, Bitcoin
2 replies 0 retweets 6 likes -
Replying to @veorq @matthew_d_green
Most proofs only end up targeting a specific class of attacks anyway. Then an analysis or vulnerability is released that is outside of that class of attacks. Security proofs are largely overrated, IMO.
1 reply 0 retweets 1 like -
Replying to @AaronToponce @veorq
I cannot believe I’m having an argument with professionals who are saying a security proof is actually unnecessary. Note that “proof is sufficient” is not the argument here. Just “important”.
1 reply 0 retweets 1 like
And we indeed have these proofs, with even more on their way! Not sure there's a relevant argument here.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.