[noise] new branch: psk2
Trevor Perrin
trevp at trevp.net
Sat Nov 14 13:10:31 PST 2015
On Sat, Nov 14, 2015 at 4:22 AM, Alex <alex at centromere.net> wrote:
> On Fri, 13 Nov 2015 23:16:44 -0800
> Trevor Perrin <trevp at trevp.net> wrote:
>
>> https://github.com/trevp/noise/blob/psk2/noise.md
>>
>
> Am I correct in stating that PSK is useless in Noise_NN, since DH will
> be performed regardless?
No, NoisePSK_NN would provide authentication based on the PSK, but use
the DH to add forward-security.
If you don't know the PSK, you can't complete the handshake or decrypt
any of the ciphertexts. But if you compromise the PSK afterward, the
DHs prevent you from decrypting old traffic.
So that's potentially useful, and similar to TLS's DHE_PSK suites.
Trevor
Trevor
>
> --
> Alex
> _______________________________________________
> Noise mailing list
> Noise at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/noise
More information about the Noise
mailing list