[noise] New draft for "chain-of-DH" approach
Jason A. Donenfeld
Jason at zx2c4.com
Sun Jul 26 04:35:08 PDT 2015
On Sun, Jun 14, 2015 at 3:42 AM, Trevor Perrin <trevp at trevp.net> wrote:
> - Padding removed. The calling app will need to decide on it
> anyways, so it doesn't need to be in this layer.
This makes sense to me, but I would be interested in having some
confirmation about what security properties I can expect out of noise,
so I know what sort of padding to use. Specifically, it's easiest to
pad with zeros, but in certain protocols, this kind of deterministic
content can cause problems. In those cases, random padding is
preferred. What's the scoop with noise? Can I get away with zero
padding, or do I need to fill in random bytes?
More information about the Noise
mailing list