[noise] selfie attack

Trevor Perrin trevp at trevp.net
Wed Apr 3 08:25:01 PDT 2019


On Wed, Apr 3, 2019 at 7:20 AM Justin Cormack
<justin at specialbusservice.com> wrote:
>
> This paper https://eprint.iacr.org/2019/347.pdf points out that (in
> Noise terms) NNpsk handshakes and traffic can be reflected back to the
> originator if it acts as client and server

That's true, if a node is willing to serve as an initiator or
responder based solely on PSK authentication then it is willing to
talk to itself, so could end up handling its own reflected messages.

That's obvious in a sense, but might be overlooked by protocol
designers / developers.  I think it merits a security consideration
that entities should bind some other identity information in this case
(via handshake payloads or prologue), not sure we could do much else.

Trevor
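
The identity binding suggested above, as an added example that is not part of the original message and not code from the Noise project. It is a simplified model, not a Noise implementation: an HMAC tag stands in for the AEAD-protected first message, random bytes stand in for the ephemeral key, and LABEL, the node names and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import os

LABEL = b"demo-psk-handshake-model"  # constructed label, not a real Noise protocol name

def mix_hash(h: bytes, data: bytes) -> bytes:
    # Noise-style MixHash: h = HASH(h || data)
    return hashlib.sha256(h + data).digest()

def prologue(initiator_id: bytes, responder_id: bytes, bind: bool) -> bytes:
    # Without binding the prologue is empty, so both roles hash the same bytes.
    if not bind:
        return b""
    # Ordered, length-prefixed identities: (initiator, responder) != (responder, initiator).
    return b"".join(len(x).to_bytes(2, "big") + x for x in (initiator_id, responder_id))

def transcript_tag(psk: bytes, prologue_bytes: bytes, e: bytes) -> bytes:
    h = mix_hash(hashlib.sha256(LABEL).digest(), prologue_bytes)
    h = mix_hash(h, e)
    # Stand-in for the AEAD tag a real handshake would compute with h as associated data.
    return hmac.new(psk, h, hashlib.sha256).digest()

def initiator_msg1(psk: bytes, me: bytes, peer: bytes, bind: bool) -> bytes:
    e = os.urandom(32)  # stand-in for an ephemeral public key
    return e + transcript_tag(psk, prologue(me, peer, bind), e)

def responder_accepts(psk: bytes, me: bytes, expected_peer: bytes,
                      msg: bytes, bind: bool) -> bool:
    e, tag = msg[:32], msg[32:]
    expected = transcript_tag(psk, prologue(expected_peer, me, bind), e)
    return hmac.compare_digest(tag, expected)

def reflection_accepted(bind: bool) -> bool:
    # node-A's own first message is delivered back to node-A's responder role,
    # which expects node-B (the other PSK holder) as the initiator.
    psk = os.urandom(32)
    msg = initiator_msg1(psk, b"node-A", b"node-B", bind)
    return responder_accepts(psk, b"node-A", b"node-B", msg, bind)

def honest_accepted(bind: bool) -> bool:
    # The same message delivered to node-B, the intended responder.
    psk = os.urandom(32)
    msg = initiator_msg1(psk, b"node-A", b"node-B", bind)
    return responder_accepts(psk, b"node-B", b"node-A", msg, bind)

if __name__ == "__main__":
    for bind in (False, True):
        print(f"bind={bind}: reflected accepted={reflection_accepted(bind)}, "
              f"honest accepted={honest_accepted(bind)}")
```
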

