Selfie: reflections on TLS 1.3 with PSK

We identify a security vulnerability in this TLS 1.3 path, by showing a new reflection attack that we call “Selfie”. The paper explains the root cause of this TLS 1.3 vulnerability, demonstrates the Selfie attack on the TLS implementation of OpenSSL and proposes appropriate mitigation. The attack is surprising because it breaks some assumptions and uncovers an interesting gap in the existing TLS security proofs.

Source: eprint.iacr.org