[noise] Session identifiers
Rhys Weatherley
rhys.weatherley at gmail.com
Mon Apr 18 21:19:28 PDT 2016
On Tue, Apr 19, 2016 at 1:07 PM, Alex <alex at centromere.net> wrote:
> It would seem to me that authentication is already handled by the
> presence of static keys. I.e., given a compatible pattern, the
> handshake will fail if the static key I have on file for you is not the
> one I received during the handshake.
>
It depends. Are the DH static keys authenticating the connection or
authenticating the user? They may not be the same thing; e.g. a VPN-like
tunnel between hosts with user login sessions running on top of the
host-to-host connection. The user may not even be in possession of the
tunnel's DH keys - the connection is set up by a privileged process, and
then the connection and session identifier are handed off to the user
process.
Cheers,
Rhys.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20160419/8670efc1/attachment.html>
More information about the Noise
mailing list