[noise] Are boxes intended to ever be used independently of pipes?
Trevor Perrin
trevp at trevp.net
Wed Jul 23 22:08:28 PDT 2014
On Wed, Jul 23, 2014 at 6:34 PM, Stephen Touset <stephen at squareup.com> wrote:
> Is there any intent for Noise Boxes to be used standalone (e.g., like gpg output)?
Yes! The first few pages on the Wiki discuss that:
https://github.com/trevp/noise/wiki
Boxes should be suitable for encrypting files, database records, and so on.
The ephemeral key is a one-time random key chosen by the sender, so
provides sender identity-hiding and sender forward-secrecy.
> If not, why not? If so, is there an “official” way to bypass deriving ephemeral keys through a handshake? This will obviously leak the identity of (at a minimum) the recipient, but it seems like it would potentially be a useful feature.
For standalone boxes the ephemeral key is a one-time random key chosen
by the sender, so provides sender identity-hiding and sender
forward-secrecy.
We don't have multi-recipient boxes. Along with a 0-RTT resumption
flow, that's worth thinking more about.
Trevor
More information about the Noise
mailing list