[Cryptography] At what point should people not use TLS?
david wong
davidwong.crypto at gmail.com
Tue Apr 5 23:00:53 EDT 2016
WhatsApp just announced end-to-end encryption on their service, and the
details show that they do not use TLS but another TLS-like protocol called
Noise Pipes which was designed by one man. From Moxie (
https://news.ycombinator.com/item?id=11431623 ):
> WhatsApp was already using a custom protocol instead of TLS. We worked
with them to transition over to Noise Pipes, which has some advantages over
what they were doing before.
I know Moxie has given a lot of thoughts into TLS, and that Trevor is a
legend, bla bla bla... but what about "crypto should be boring"? What about
the peer-review and all the research done around TLS and its implementations?
But then it might makes sense, if the protocol is simple enough, to try and
build that subset of TLS. But what might go wrong? What has to be re-designed?
Replay protection? Consistency? Integrity? It implies that you already know a
lot about TLS... What do you people think?
Regards,
David
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160405/324f0d71/attachment.html>
More information about the cryptography
mailing list