[noise] NoisePSK
Trevor Perrin
trevp at trevp.net
Thu Nov 12 11:12:48 PST 2015
On Thu, Nov 12, 2015 at 12:12 AM, Trevor Perrin <trevp at trevp.net> wrote:
>
> One idea is to have "NoisePSK" handshakes which differ from "Noise"
> handshakes in two ways:
> (1) A "preshared_key" value is mixed into SymmetricState, e.g.
>
> Initialize():
> # handle handshake_name = NoisePSK_[???], prologue
> psk1, psk2 = HKDF(preshared_key, empty)
> MixKey(psk1)
> MixHash(psk2)
To optimize, we can take advantage of the fact that MixKey() calls
without intervening encryption means k isn't used:
MixKey(psk1)
...
MixKey(explicit_random)
So we can repurpose k, eliminating the extra HKDF():
Initialize():
# handle handshake_name = NoisePSK_[???], prologue
MixKey(preshared_key)
MixHash(k)
Seems worth trying out in a branch. Note nothing here effects
existing Noise protocols, this is just adding a variation for PSK.
Trevor
More information about the Noise
mailing list