[noise] NLS?

Gerardo Di Giacomo gedigi at live.com
Mon Mar 12 08:27:04 PDT 2018


Sorry hit enter too soon.

> If the negotiation_data is zero-length, that means the responder
> accepted the initiator's initial_protocol.  If the negotiation_data is
> non-zero-length, it contains a NoiseLingoNegotiationDataResponse
> protobuf, which the initiator parses to determine whether this is a
> Switch, Retry, or Reject case.
> 
> Hope that helps?

Ok, so follow-up question:
- What should be used as init prologue string? The NoiseSocketInit* or NLS(revision1), or both? It's not clear to me from the spec if NLS(revision1) should replace the NoiseSocketInit strings or not.

- In case of error (negotiation_data_len != 0) should a noise message be sent?

Thanks, Gerardo
________________________________________
From: Noise <noise-bounces at moderncrypto.org> on behalf of Gerardo Di Giacomo <gedigi at live.com>
Sent: Monday, March 12, 2018 8:21 AM
To: Trevor Perrin
Cc: noise at moderncrypto.org
Subject: Re: [noise] NLS?

On Mar 11, 2018, at 5:49 PM, Trevor Perrin <trevp at trevp.net> wrote:

In the Accept case, the prologue that both parties use is:

"NoiseSocketInit1" || init_negotiation_data_len || init_negotiation_data

Where init_negotiation_data refers to the initiator's first message.

At least that's how it's spec'd.  Hopefully that's what the Golang code does?
Yes it is and that’s how I’m keeping it.

Not sure what you mean by "received a Init2".  The prologue labels
"NoiseSocketInit1" etc aren't sent on the wire.  The prologue is just
an input to hashing, it's not transmitted.
That’s right, I realized this 30 seconds after sending this mail.

After sending it's initial messages, the initiator will receive a
single NoiseSocket response message, containing some negotiation_data
(might be zero-length) and a Noise message (might be zero-length).

If the negotiation_data is zero-length, that means the responder
accepted the initiator's initial_protocol.  If the negotiation_data is
non-zero-length, it contains a NoiseLingoNegotiationDataResponse
protobuf, which the initiator parses to determine whether this is a
Switch, Retry, or Reject case.

Hope that helps?





More information about the Noise mailing list