[noise] New branch: "simpler"
Jason A. Donenfeld
Jason at zx2c4.com
Thu Oct 1 03:00:01 PDT 2015
With a premessage and a handshake name, things wind up looking like:
initiator.key = 32 bytes of zeros
initiator.hash = HASH("Noise WireGuard zx2c4 2015-09-30" ||
responder.static_public)
Why not instead initiate the key with the handshake name, instead of the
hash? It seems like this would also go a bit further in reducing key-reuse
too. So, instead:
initiator.key = "Noise WireGuard zx2c4 2015-09-30"
initiator.hash = HASH(responder.static_public)
How about this?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20151001/966f1b95/attachment.html>
More information about the Noise
mailing list