AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
3min chapter
Matrix with Martin Albrecht and Dan Jones
Security Cryptography Whatever
A C Attack to Inject a Megalm Session
You establish a semi-trusted channel. And then you can now send, you know, start negotiating more key material over the semi- Trusted channel. But there was a bug that forgot that this was derived from the semi-Trusted channel because there's a protocol confusion. It was not supposed to arrive via a megal, but only via old. You send it over old when they accept this and say like, now I'm upgrading kind of like how much I trust the session in question. The attacker can outperform a genuine client in convincing another party that this key material is most is definitely genuine.
00:00
Transcript
Episode notes
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode