[noise] Stateless Protocols with Replay Attack Prevention

Robert Ransom rransom.8774 at gmail.com
Fri Feb 13 10:17:35 PST 2015


On 2/13/15, Jason A. Donenfeld <Jason at zx2c4.com> wrote:

> So I come to you to ask -- have folks come up with a really nice way
> to eliminate replay attacks while still maintaining statelessness? Or
> have I come across a fundamental contradiction?

Yes, you have.  If a device is stateless, then it must respond to any
input message the same way every time.

On the other hand, if a system is *truly* stateless (i.e. acts as a
pure function, with not even a RNG as input), then replay attacks
shouldn't hurt it.  Your problem is that you want a stateless security
layer in front of a stateful system.


Robert Ransom


More information about the Noise mailing list