[noise] Oxy: now using Noise
dawuud
dawuud at riseup.net
Sat Jun 30 04:26:07 PDT 2018
Sure it depends on the threat model as does everthing, always.
Privacy enhancing technology is my jam... and so is making people
more aware of these important issues in our day of mass surveillance.
It is my understanding that if an adversary passively records these
IK interactions they can later determine which clients made the connection
if they gain access to the server's private key. The PSK1 modifier
does nothing to protect against this, correct?
On Sat, Jun 30, 2018 at 12:06:21PM +0100, Justin Cormack wrote:
> It depends on your threat model; I think the Noise docs are very clear
> about IK having reduced privacy hiding vs XK as the public
> key is sent sooner, at a cost of slower handshakes for X vs I. I can't
> find any docs for Oxy so I don't know what their design
> requirements are.
>
> On 29 June 2018 at 05:21, dawuud <dawuud at riseup.net> wrote:
> >
> > I looked and it uses Noise_IKpsk1_25519_AESGCM_SHA512.
> > Doesn't this mean that it has the same privacy problem as wireguard
> > that we discussed earlier?
> >
> > On Fri, Jun 29, 2018 at 12:48:59AM +0100, Tony Arcieri wrote:
> >> Oxy is a Rust-based SSH alternative which has been getting some attention
> >> lately.
> >>
> >> It previously used a bespoke transport encryption protocol but has just now
> >> switched to Noise:
> >>
> >> https://github.com/oxy-secure/oxy/pull/130
> >>
> >> --
> >> Tony Arcieri
> >
> >> _______________________________________________
> >> Noise mailing list
> >> Noise at moderncrypto.org
> >> https://moderncrypto.org/mailman/listinfo/noise
> >
> >
> > _______________________________________________
> > Noise mailing list
> > Noise at moderncrypto.org
> > https://moderncrypto.org/mailman/listinfo/noise
> >
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20180630/869a1198/attachment.sig>
More information about the Noise
mailing list