[noise] new branch: psk2
Jason A. Donenfeld
Jason at zx2c4.com
Sat Nov 14 05:24:48 PST 2015
Minor typo:
("s", "e", "dhee", "dhes", "dhse", "dhss).
-->
("s", "e", "dhee", "dhes", "dhse", "dhss").
In ReadMessage I think you meant for this:
For "e": Sets re to the next DHLEN bytes from the buffer. Calls
MixHash(e.public_key). If psk is true, calls MixKey(e.public_key).
-->
For "e": Sets re to the next DHLEN bytes from the buffer. Calls
MixHash(re). If psk is true, calls MixKey(re).
On Sat, Nov 14, 2015 at 8:16 AM, Trevor Perrin <trevp at trevp.net> wrote:
> I realized a problem in how we were using ephemerals as nonces. So
> I'd like to eliminate encryption of ephemeral public keys, and also
> streamline PSK by using ephemeral public keys in place of explicit
> randoms:
Doesn't this, then, remove the anti-DoS protections? IOW, a DH occurs
before a Poly1305 occurs?
More information about the Noise
mailing list