[noise] Extension spec: Static-Static Pattern Modifiers
Trevor Perrin
trevp at trevp.net
Sun Nov 18 18:30:53 PST 2018
I wrote up the "ss" and "noss" modifiers Justin and I worked out a few
months ago:
https://github.com/noiseprotocol/noise_ss_spec/blob/master/output/noise_ss.pdf
https://github.com/noiseprotocol/noise_ss_spec
These give us more control over adding/removing static-static DH: It
can be added for more resilience against ephemeral-key compromise; or
can be removed from patterns like IK if you don't want to spend a DH
for these benefits of 0-RTT authentication and
ephemeral-key-compromise resilience.
Justin did most of the heavy lifting in figuring these out. This
follows his earlier spec, except:
* Omits one-way patterns with "noss", since X and K with noss
basically degrade to N.
* Omits the description of how noss/ss interact with the spec's
pattern-generation rules, since I think these are easy enough to
understand as pattern transformations.
Trevor
More information about the Noise
mailing list