ok, who finds the first 0-rtt-based vulnerability in a famous web app? https://blog.cloudflare.com/introducing-0-rtt/ …
How? It seems fundamentally impossible but I'd love to see a solution if it works!
-
-
the 0-RTT piece (if any) is still decryptable with the STK (only), but everything after that is passed through ECDH
-
Ah, that makes sense. Awesome job expressing that in the constraints of a tweet.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
) and what do you mean by loss of security (in 1.3)?