My colleagues and AWS Cryptography engineers, Shay and Nir, found an interesting gap in some of the TLS1.3 security proofs: https://eprint.iacr.org/2019/347 Thankfully it's very low severity, and impacts only external PSK mode, which is very rarely used. Doesn't impact resumption.
PSK = Pre Shared Key. Which is when you configure TLS clients and servers to trust each other based on a (long) shared password. The issue doesn't come up at all if you use SNI or combine PSK with regular certs.
I mentioned resumption because in TLS1.3 session resumption uses the underlying PSK mode. The issue doesn't come up in that case because the PSKs used for resumption mode are exclusively pair-wise. TLS1.3 is still in the best shape we know of any TLS version.