[noise] Pattern transformations

Alex alex at centromere.net
Sun Mar 19 13:26:20 PDT 2017


On Sun, 19 Mar 2017 13:05:40 -0700
Trevor Perrin <trevp at trevp.net> wrote:

> On Sun, Mar 19, 2017 at 12:38 PM, Rhys Weatherley
> <rhys.weatherley at gmail.com> wrote:
> > On Mon, Mar 20, 2017 at 5:27 AM, Alex <alex at centromere.net> wrote:  
> >>
> >> I'm a little unclear on the idea of pattern transformations. Up
> >> until this point the transformations I've seen have only been
> >> applied to one or two patterns in an ad-hoc manner (e.g.
> >> fallback). It's not clear that any single formal algorithmic
> >> transformation can be applied universally to all patterns.
> >>
> >> In theory, could such a transformation exist?  
> 
> Not totally sure I understand the question, but "noidh" ("no identity
> hiding") is algorithmic, isn't it?  (move "s" earlier in same message
> if doing so moves it outside of encryption).
> 
> http://noiseprotocol.org/noise.html
> 

Would you consider the following statement to be in conformity with
the definition provided in the spec?:

"If 's' appears after 'ee', 'se', 'es', or 'ss', move it directly
before the token, and repeat this process until it no longer moves."

> For resumption, I recently proposed some transformations that:
>  * list the server's static public-key as a pre-message solely for
> identity-binding purposes
>  * change the server's "s" to "e" so that the server can use a
> semi-ephemeral key alongside it's static.
> 
> https://moderncrypto.org/mail-archive/noise/2017/000957.html
> 

In the linked post you said, "that adds the server's static as a
pre-message, if it's not one already." If it is already, the pattern
never changes. Therefore, do we append "+pskresume" even though
nothing changed?

-- 
Alex


More information about the Noise mailing list