Commit
Checking G_X in EDHOC Message 1 #243
Removed the G_X checking that is heavy for implementations. That was a leftover from the PSK method.
Showing 1 changed file with 3 additions and 3 deletions.
Just to be sure, is this equivalent to the following statement?
"For instance, the Initiator can check that it has never used and would never use such ID_CRED_R as ID_CRED_I, when acting as Initiator in an EDHOC session."
This would also cover a potential reflection attack occurring when the Initiator starts its first EDHOC session ever. In that case, the Initiator might not have "created" ID_CRED_I yet, since that can happen at the latest when preparing message_3.
On the other hand, this method requires an endpoint to prepare its ID_CRED_I before starting a first EDHOC execution.