[noise] Another spec issue: remote ephemeral keys
Alex
alex at centromere.net
Sat Apr 16 06:44:59 PDT 2016
On Sat, 16 Apr 2016 17:05:49 +1000
Rhys Weatherley <rhys.weatherley at gmail.com> wrote:
> On Sat, Apr 16, 2016 at 3:37 PM, Trevor Perrin <trevp at trevp.net>
> wrote:
>
> > A hostile party could always downgrade the security of its own
> > handshake, e.g. by using an ephemeral with a known/published
> > private key.
> >
> > Using a null ephemeral public key shouldn't accomplish anything
> > more than that.
>
>
> True. I'm looking at it from the point of view of mass surveillance
> where the hostile party has hacked an app on an app store. An
> implementation that is using a non-null "snooper's key" makes that
> traffic visible only to the snoopers in the know about that specific
> key (or set of keys).
>
If you can't trust the hardware/software you're running, you shouldn't
be using it for secure communication.
--
Alex
More information about the Noise
mailing list