[noise] Are boxes intended to ever be used independently of pipes?

Stephen Touset stephen at squareup.com
Thu Jul 24 10:26:38 PDT 2014


On Jul 23, 2014, at 10:08 PM, Trevor Perrin <trevp at trevp.net> wrote:

> On Wed, Jul 23, 2014 at 6:34 PM, Stephen Touset <stephen at squareup.com> wrote:
>> Is there any intent for Noise Boxes to be used standalone (e.g., like gpg output)?
> 
> Yes!  The first few pages on the Wiki discuss that:
> 
> https://github.com/trevp/noise/wiki
> 
> Boxes should be suitable for encrypting files, database records, and so on.
> 
> The ephemeral key is a one-time random key chosen by the sender, so
> provides sender identity-hiding and sender forward-secrecy.

Ah, yes. I was simply being silly. No handshake is necessary for the recipient to decrypt a standalone Box; the recipient simply strips the ephemeral public key out of the header and uses it to perform ECDH with their own private key. Sometimes being down too deep in the implementation details you can miss the forest for the trees.

-- 
Stephen Touset
stephen at squareup.com



More information about the Noise mailing list