[WireGuard] auth-only wireguard

Jason A. Donenfeld Jason at zx2c4.com
Thu Oct 6 22:43:19 CEST 2016


Hi Bruno,

On Oct 6, 2016 9:29 PM, "Bruno Wolff III" <bruno at wolff.to> wrote:
> Someone able to watch and modify traffic can wait for authentication to
occur and then take over the connection. So you don't know you are still
communicating with the party that did the authentication. You need
something protecting message integrity which is normally based on
encryption, but I think there might be ways to do that with just hashing.

You're misunderstanding terminology, I think. Rather than polluting this
thread here, I'd be happy to explain to you on IRC -- I'm zx2c4 on freenode.

Jason
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.zx2c4.com/pipermail/wireguard/attachments/20161006/8ea68beb/attachment-0001.html>


More information about the WireGuard mailing list