[noise] Incrementing nonces

Jonathan Rudenberg jonathan at titanous.com
Thu Jul 23 11:56:53 PDT 2015


> On Jul 23, 2015, at 2:53 PM, Trevor Perrin <trevp at trevp.net> wrote:
> 
> On Wed, Jul 22, 2015 at 5:05 PM, Jonathan Rudenberg
> <jonathan at titanous.com> wrote:
>> 
>> It seems unnecessary to do the increment *inside* the ciphersuite function implementation which requires passing in a pointer to the nonce and incrementing it or returning a new nonce value in addition to the result bytes, when this could be done just as easily in the session implementation without duplication. But maybe I’m missing the rationale behind this choice.
> 
> I was just trying to be very explicit and redundant about incrementing
> the nonce - it would be bad if someone forgets to do it.
> 
> I've clarified this to happen outside ENCRYPT() / DECRYPT() instead of
> inside it, see if that's better.
> 
> https://github.com/trevp/noise/blob/master/noise.md

Yeah, that’s clearer. It might be worth having an explicit section that covers common implementation mistakes like nonces, constant time comparison, etc.

Jonathan


More information about the Noise mailing list