Am 17. Mai 2018 07:53:17 MESZ schrieb Matthias Urlichs <matth...@urlichs.de>: >On 17.05.2018 07:03, Roman Mamedov wrote: >> Personally I am puzzled this is even an issue in WG. Not a single >other VPN >> protocol mandates every node to keep a monotonically increasing >counter, >> including even over reboots. > >Wireguard's connection setup is a whole lot simpler than most other
But only if you ignore the implications coming with NTP transmissions. its like Outsourcing some state transfer to another service and then claim that remaining procedures are most simple. /axel >protocols. It basically doesn't require a "real" handshake, just a >request/reply pair. Thus it's vulnerable against disruption by replay >attacks – a replayed rekey packet would disrupt conversation until the >real sender times out, a minute later. > >-- >-- Matthias Urlichs > >_______________________________________________ >WireGuard mailing list >WireGuard@lists.zx2c4.com >https://lists.zx2c4.com/mailman/listinfo/wireguard -- Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet. _______________________________________________ WireGuard mailing list WireGuard@lists.zx2c4.com https://lists.zx2c4.com/mailman/listinfo/wireguard
