[noise] Replace calls to kernel.MixHash with kernel.MixKey

Trevor Perrin trevp at trevp.net
Thu Aug 27 10:46:08 PDT 2015


On Thu, Aug 27, 2015 at 5:02 AM, Jason A. Donenfeld <Jason at zx2c4.com> wrote:
>
> would running a wholesale
> s/MixHash/MixKey/g over the Noise spec have any security downsides? Or is
> this safe to do?

Currently handshake messages and transport messages are distinct due
to aad=h, if you lose that difference you'd have to convince yourself
there's no case where handshake and transport messages could get
confused for each other.

You could probably do that, or maybe add a minor tweak to
differentiate them, so it's probably secure or close to it.


Trevor


More information about the Noise mailing list