My colleagues and AWS Cryptography engineers, Shay and Nir, found an interesting gap in some of the TLS1.3 security proofs: https://eprint.iacr.org/2019/347 Thankfully it's very low severity, and impacts only external PSK mode, which is very rarely used. Doesn't impact resumption.
I mentioned resumption because in TLS1.3 session resumption uses the underlying PSK mode. The issue doesn't come up in that case because the PSKs used for resumption mode are exclusively pair-wise. TLS1.3 is still in the best shape we know of any TLS version.