HTTP/2 301 server: nginx date: Sun, 28 Dec 2025 09:10:05 GMT content-type: application/rss+xml; charset=UTF-8 location: https://codesinchaos.wordpress.com/comments/feed/ x-hacker: Want root? Visit join.a8c.com/hacker and mention this header. host-header: WordPress.com vary: accept, content-type, cookie last-modified: Sun, 28 Dec 2025 09:10:05 GMT etag: "749b93253b621f6caa3d30b757f11d29" x-redirect-by: WordPress x-ac: 1.bom _dca MISS alt-svc: h3=":443"; ma=86400 strict-transport-security: max-age=31536000 server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=337.0 HTTP/2 200 server: nginx date: Sun, 28 Dec 2025 09:10:06 GMT content-type: application/rss+xml; charset=UTF-8 vary: Accept-Encoding x-hacker: Want root? Visit join.a8c.com/hacker and mention this header. host-header: WordPress.com vary: accept, content-type, cookie last-modified: Sun, 28 Dec 2025 09:10:05 GMT etag: W/"749b93253b621f6caa3d30b757f11d29" content-encoding: gzip x-ac: 3.bom _dca MISS alt-svc: h3=":443"; ma=86400 strict-transport-security: max-age=31536000 server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=363.0 https://codesinchaos.wordpress.com Sat, 20 Jun 2015 11:58:50 +0000 hourly 1 https://wordpress.com/ https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/comment-page-1/#comment-58 Sat, 20 Jun 2015 11:58:50 +0000 https://codesinchaos.wordpress.com/2012/09/09/curvecp-review-part-1-crypto/#comment-58 I have recently been studying key exchange handshake protocols
and I was fortunate to discover your blog post!

This study has resulted in a handshake design, and a paper,
in which I cited this blog post.

Click to access shs.pdf

(I don’t know your real name, so you are cited as CodeInChaos)

If you have any comments or questions for me, that would be most appreciated!

Also, I have an implementation over here:
https://github.com/dominictarr/secret-handshake

]]> https://codesinchaos.wordpress.com/2012/10/05/blake-tree-hashing/comment-page-1/#comment-31 Wed, 04 Dec 2013 10:55:44 +0000 https://codesinchaos.wordpress.com/?p=32#comment-31 Have you considered building on https://keccak.noekeon.org/sakura.html ? At very least, it would address the interleaved hashing case.

]]> https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/comment-page-1/#comment-30 Sat, 21 Sep 2013 19:35:26 +0000 https://codesinchaos.wordpress.com/2012/09/09/curvecp-review-part-1-crypto/#comment-30 In reply to Pieter Hintjens.

I didn’t find a vulnerability when everything goes well. My issue is that if a shot term key c’ gets compromised, that shouldn’t have any long term consequences. In particular the attacker who learns c’ should not be able to authenticate as C in a new connection.

That paragraph started with:
> If an attacker learns client short term secret c’ of a single session
of course that shouldn’t happen and it’s thus not a severe problem. But it’s still an unnecessary risk that a better protocol can avoid.

]]> https://codesinchaos.wordpress.com/2012/09/09/curvecp-1/comment-page-1/#comment-29 Sat, 21 Sep 2013 09:37:03 +0000 https://codesinchaos.wordpress.com/2012/09/09/curvecp-review-part-1-crypto/#comment-29 Thanks for this review of CurveCP. I’m looking at changing CurveZMQ per your recommendations for client authentication but there is one thing I don’t understand. You say that an attacker can get the vouch and resend it, to impersonate the client in the future. However, the vouch is sent inside Box [C + vouch](C’->S’), so only the server can read the vouch. An attacker would also need the server’s temporary secret key, which is surely not happening.

How does an attacker get the vouch in your analysis?

]]>