[noise] Stricter rules #2: PSKs fixed to 256 bits

Alex alex at centromere.net
Thu Apr 21 21:11:04 PDT 2016

On Thu, 21 Apr 2016 14:56:08 -0700
Trevor Perrin <trevp at trevp.net> wrote:

> The payload is encrypted/authenticated by a PSK.  That's good, because
> the PSK can be used to accomplish 0-RTT encryption with session
> tickets or caches, but it means a low-entropy PSK is exposed to
> offline guessing attacks.

Could you expand on how that would be accomplished? What exactly is a
session ticket and how would it be used?


More information about the Noise mailing list