attackkvm.blogg.se - The Secret Handshake by Victoria Collins-Hood

Note: a wrong number is just an accidental man in the middle.īy "confirm" I mean check a guess at the public key.īy "learn" I mean that you can either extract the public key,Īlso note that if the server decides not to authenticate a client, an unauthenticated client cannot learn server key.

a "wrong number" cannot learn public keys.

man in the middle cannot learn public keys.

replay attacker cannot learn public keys.

an eavesdropper cannot learn public keys.

a later key compromise cannot confirm the public keys in the handshake.

The shared secrets are forward secure, andīy "forward secure identity metadata" I mean: This protocol derives shared keys and mutuallyĪuthenticates both ends of the connection.

also keks/tamarin-shs is a formal proof of the cryptographic properties!.

python/twisted david415/txsecrethandshake (WIP).

c AljoschaMeyer/shs1-c (actually just implements the crypto, not the protocol used as a component in the rust implementation).

Secure-channel based on a a mutually authenticating key agreement handshake, with forward secure identity metadata.įor a full explanation of the design, read the