Clatter · CVE-2026-24785
**Name of the Vulnerable Software and Affected Versions**
Clatter versions prior to 2.2.0
**Description**
Clatter, a Rust implementation of the Noise protocol framework with post-quantum support, contains a protocol compliance issue. The library permitted post-quantum handshake patterns that do not satisfy the PSK validity rule of the Noise Protocol Framework, Section 9.3: after a party processes a `psk` token, it must not send any encrypted data unless it has already sent an ephemeral public key (an `e` token). In the affected patterns, a party could therefore encrypt under keys derived from the PSK without having mixed in ephemeral randomness of its own choosing, which can lead to catastrophic key reuse and weakened security. Affected default patterns include `noise pqkk psk0`, `noise pqkn psk0`, `noise pqnk psk0`, and `noise pqnn psk0`, as well as some hybrid variants.
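Because the advisory asks users to review custom handshake patterns, the following added example (written for this page, not Clatter's own code) is a small checker that applies the Section 9.3 validity rule to a pattern written in the spec's message notation. It assumes the token names `ekem` and `skem` for KEM encapsulations in post-quantum patterns and treats them, like `s`, as data that is encrypted once a `psk` has been mixed in; only an `e` token counts as sending an ephemeral public key. The patterns in `main` are constructed for illustration and are not claimed to be Clatter's exact definitions.

```rust
// Added example: checker for the Noise PSK validity rule (spec section 9.3).
// Not part of Clatter. Token names `ekem`/`skem` are assumed notation.

#[derive(Clone, Copy, PartialEq, Eq, Debug)]
pub enum Party {
    Initiator,
    Responder,
}

/// One handshake message: who sends it, and its tokens in order.
#[derive(Debug)]
pub struct Message {
    pub sender: Party,
    pub tokens: Vec<String>,
}

/// Parse one message per line in the spec's notation, e.g. "-> psk, e\n<- e, ee".
/// Pre-messages are irrelevant to this rule and are not supported here.
pub fn parse_pattern(text: &str) -> Result<Vec<Message>, String> {
    let mut msgs = Vec::new();
    for line in text.lines().map(str::trim).filter(|l| !l.is_empty()) {
        let (sender, rest) = if let Some(r) = line.strip_prefix("->") {
            (Party::Initiator, r)
        } else if let Some(r) = line.strip_prefix("<-") {
            (Party::Responder, r)
        } else {
            return Err(format!("line does not start with -> or <-: {line:?}"));
        };
        let tokens = rest
            .split(',')
            .map(|t| t.trim().to_string())
            .filter(|t| !t.is_empty())
            .collect();
        msgs.push(Message { sender, tokens });
    }
    Ok(msgs)
}

/// Section 9.3: a party may not send encrypted data after it processes a `psk`
/// token unless it has previously sent an `e` token. Once `psk` is mixed in, the
/// cipher state has a key, so every later `s`, KEM ciphertext and payload that
/// party sends is encrypted and subject to the rule.
pub fn check_psk_validity(pattern: &[Message]) -> Result<(), String> {
    let mut sent_e = [false; 2]; // per party: has sent an `e` token
    let mut processed_psk = [false; 2]; // per party: has processed a `psk` token
    for (n, msg) in pattern.iter().enumerate() {
        let s = msg.sender as usize;
        for tok in &msg.tokens {
            match tok.as_str() {
                "e" => sent_e[s] = true,
                // Both parties process the psk token when this message is sent/received.
                "psk" => processed_psk = [true, true],
                // Transmitted material that is encrypted once a key exists.
                "s" | "ekem" | "skem" => {
                    if processed_psk[s] && !sent_e[s] {
                        return Err(format!(
                            "message {}: {:?} sends encrypted `{tok}` after psk without having sent `e`",
                            n + 1,
                            msg.sender
                        ));
                    }
                }
                // DH tokens only mix keys; nothing is transmitted.
                "ee" | "es" | "se" | "ss" => {}
                other => return Err(format!("message {}: unknown token `{other}`", n + 1)),
            }
        }
        // Every message carries a payload, encrypted once a psk has been mixed in.
        if processed_psk[s] && !sent_e[s] {
            return Err(format!(
                "message {}: {:?} sends an encrypted payload after psk without having sent `e`",
                n + 1,
                msg.sender
            ));
        }
    }
    Ok(())
}

fn main() {
    // Constructed patterns for illustration only.
    let cases = [
        ("NNpsk0", "-> psk, e\n<- e, ee"),
        ("pq NN psk0 (assumed tokens)", "-> psk, e\n<- ekem"),
        ("hypothetical psk0 without initiator e", "-> psk, s, ss\n<- e, ee"),
    ];
    for (name, text) in cases.iter() {
        let pattern = parse_pattern(text).expect("valid notation");
        match check_psk_validity(&pattern) {
            Ok(()) => println!("{name}: ok"),
            Err(e) => println!("{name}: VIOLATION: {e}"),
        }
    }
}
```

In the assumed post-quantum `psk0` shape, the responder has processed the `psk` from message 1 but sends its first message (a KEM ciphertext plus payload) before ever sending an `e`, so the checker reports a violation; the classic `NNpsk0` passes because each party sends `e` before any of its encrypted data.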
**Recommendations**
Update to Clatter version 2.2.0 or later.
Avoid using the `* psk0` variants of post-quantum patterns.
Carefully review custom handshake patterns.