[noise] MAC'ing recipient public key
Trevor Perrin
trevp at trevp.net
Sun Jul 13 22:08:01 PDT 2014
Another change:
The recipient pubkey is included in the additional authenticated data
for both box MACs. This ensures that if the sender can decrypt a box,
it must have been encrypted to the sender's pubkey. While this can
also be accomplished by taking care with the ECDH, I think it's
simpler to just include the recipient's key into the mac.
Also, I changed the order of arguments to ENCRYPT() to match
noise_body(), so authtext is always listed last.
https://github.com/trevp/noise/wiki/Boxes/_compare/02d72d5037ec2d83cb4342ea2b6f3a910d122412...51707f5223dbbeac09d64ec4c5a473b7be09ae34
Trevor
More information about the Noise
mailing list