mcr
commented
2 years ago no consensus to make this change, closing issue.
Closed nedmsmith closed 2 years ago
mcr
commented
2 years ago no consensus to make this change, closing issue.
Section 12.2 says "Section 10 discusses ways in which freshness can be used in this architecture to protect against replay attacks." However, the definition of nonce sent (NS) in appendix A says "A nonce not predictable to an Attester (recentness & uniqueness) is sent to an Attester."
Reply attack is thwarted by 'recentness' and 'uniqueness' according to a protocol's use of 'nonce'.
Freshness is defined in terms of the Attester's operational state. It is possible to have 'fresh' operational state and still be compromised by a replay attacker. It is also possible to have stale operational state but resist replay attacks due to the senders nonce being processed.
The fix is to change 'freshness' in the second sentence in section 12.2 to 'recentness'.