<div><div dir="auto">Yes that is correct. </div></div><div dir="auto"><br></div><div dir="auto">Justin</div><div dir="auto"><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, 18 Feb 2019 at 07:16, <a href="mailto:zaki@manian.org">zaki@manian.org</a> <<a href="mailto:zaki@manian.org">zaki@manian.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>Question:<br><br>In regular Noise, a MessageBuffer has spots for 2 tokens ( static dh and ephemeral dh) + ciphertext.<br><br>In Noise with signatures, you need a MessageBuffer than can have up to 3 tokens(ephemeral, signing pub key, signature) + ciphertext<br><br></div><div>Is this correct?</div><br clear="all"><div><div dir="ltr" class="m_-4840630460026045925gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div>Signal/WhatsApp/Phone: +1650-862-5992</div><div><br></div></div></div></div></div></div></div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Dec 17, 2018 at 2:17 AM Trevor Perrin <<a href="mailto:trevp@trevp.net" target="_blank">trevp@trevp.net</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">I started an extension spec for basic signatures:<br>
* sig, sigi, and sigr modifiers<br>
* s1, sig1 tokens (or other numbers, if used in combination with hfs<br>
or something else)<br>
<br>
<a href="https://github.com/noiseprotocol/noise_sig_spec/" rel="noreferrer" target="_blank">https://github.com/noiseprotocol/noise_sig_spec/</a><br>
<a href="https://github.com/noiseprotocol/noise_sig_spec/blob/master/output/noise_sig.pdf" rel="noreferrer" target="_blank">https://github.com/noiseprotocol/noise_sig_spec/blob/master/output/noise_sig.pdf</a><br>
<br>
This follows the hfs spec in using numbered suffixes to refer to<br>
different types of public-key algorithms that are introduced by the<br>
pattern modifiers:<br>
<br>
XXhfs+sig_25519+NewHope+Ed25519_AESGCM_SHA256:<br>
-> e, e1<br>
<- e, ekem1, s2, sig2<br>
-> s2, sig2<br>
<br>
<br>
This spec lists 23 new patterns applying the sig modifiers to the<br>
fundamental+defered patterns. These signatures modifiers don't<br>
coexist with any ss/noss modifiers, but should combine easily with the<br>
hfs modifier (as above).<br>
<br>
<br>
Anyways, this gives us 3 extension specs related to patterns:<br>
* ss (adding and removing ss token)<br>
* hfs (adding post-quantum KEMs for more forward-secrecy)<br>
* sig (adding signatures for authentication)<br>
<br>
I think that's a good amount of handshake-pattern stuff to discuss at<br>
RWC and try to finalize in the next few months.<br>
<br>
(Aside from the pattern work, I'd like to make progress on the SHO<br>
idea, and after that on NoiseSocket/NoiseLingo/NLS).<br>
<br>
Trevor<br>
_______________________________________________<br>
Noise mailing list<br>
<a href="mailto:Noise@moderncrypto.org" target="_blank">Noise@moderncrypto.org</a><br>
<a href="https://moderncrypto.org/mailman/listinfo/noise" rel="noreferrer" target="_blank">https://moderncrypto.org/mailman/listinfo/noise</a><br>
</blockquote></div>
_______________________________________________<br>
Noise mailing list<br>
<a href="mailto:Noise@moderncrypto.org" target="_blank">Noise@moderncrypto.org</a><br>
<a href="https://moderncrypto.org/mailman/listinfo/noise" rel="noreferrer" target="_blank">https://moderncrypto.org/mailman/listinfo/noise</a><br>
</blockquote></div></div>