[noise] PerformHandshake() Function

Nadim Kobeissi nadim at symbolic.software
Mon Jun 3 05:56:48 PDT 2019


Hello everyone,

In working with Noise implementations in production, we noticed something interesting: inside the HandshakeState object, the following functions currently exist:

    - Initialize(handshake_pattern, initiator, prologue, s, e, rs, re): initializes the state machine locally.
    - WriteMessage(payload, message_buffer): writes a message with an optional payload.
    - ReadMessage(payload, message_buffer): reads a message as written using the above function.

In addition to the above, it may be useful to add a new “PerformHandshake()” function. The simple goal of this function would be to advance the local Noise Handshake Pattern state machine of both parties to the point where they have dealt with all handshake messages and where the next message to be sent will be a transport message.

The usefulness of “PerformHandshake()” is in contexts where both parties can afford to perform a synchronous round-trip key exchange without issue. Imagine we are deploying IKpsk2 in a use case where both parties are expected to be online always. In that scenario, it is in both the initiator and the responder’s benefit to arrive to the transport message stage of the protocol as quickly as possible since transport messages will benefit from stronger confidentiality and authentication guarantees, and so calling “PerformHandshake()” before transmitting any real payloads of actual value could be beneficial.

Predictable question: “Why not leave this up to the implementer to do manually?”
Answer: this actually seems to be a pretty common use case scenario from my experience. By implementing it directly within the Noise Protocol Framework specification, we can avoid an additional burden on users where they can also potentially get things wrong. We also make it easier for implementers to have a more user-friendly “out of the box” experience once a Noise implementation is prepared.

I’m not set on the name and so of course we can call this function anything we like in the event that this proposal garners popular support.

Interested to hear your thoughts,

Nadim Kobeissi
Symbolic Software • https://symbolic.software
Sent from office



More information about the Noise mailing list