[noise] Revision 23 - clarifying validity rule
Trevor Perrin
trevp at trevp.net
Mon Feb 22 17:23:27 PST 2016
The validity rule for patterns in 8.3 bullet 1 was too strict; it
would've disallowed the pattern discussed in 8.6 bullet 1:
-> e, s, dhes, dhss
So I rewrote it to be more precise. This has been a complicated bit
of text, but I think it's done now:
https://github.com/trevp/noise/blob/master/noise.md
"""
After performing a DH between a remote public key and any local
private key that is not a "fresh" ephemeral private key, the local
party must not send any payloads or static public keys, nor complete
the handshake, unless they have also performed a DH between a "fresh"
ephemeral private key and the remote public key. A "fresh" ephemeral
private key is one that was created by processing an "e" token when
sending a message (as opposed to an ephemeral private key passed in
during initialization).
"""
Trevor
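
The rule quoted above, applied mechanically from one party's side of a pattern. This is an added example, not part of the original message or of the Noise project's code. It assumes that a "dhXY" token means the message sender uses its own key X with the receiver's key Y (the receiver performs the mirror DH); the function name and the patterns other than the one from the message are constructed for illustration.

```python
# Added example: literal check of the quoted validity rule for one party.
# Assumption: in "dhXY" the sender uses its own key X and the receiver's key Y.

def violations(pattern, role):
    """pattern: list of (sender, [tokens]) with sender 'i' or 'r'.
    role: the party ('i' or 'r') whose view is checked.
    Returns a list of rule violations; an empty list means none were found."""
    fresh_e = False   # True once this party has sent an "e" token
    risky = set()     # remote keys DH'd with a non-fresh local private key
    covered = set()   # remote keys DH'd with the fresh ephemeral private key
    found = []

    def check(action, msg_no):
        # Any remote key used with a non-fresh local key needs a fresh-e DH too.
        for remote in sorted(risky - covered):
            found.append(f"message {msg_no}: {action} after non-fresh DH with "
                         f"remote '{remote}' but no fresh-ephemeral DH with it")

    for n, (sender, tokens) in enumerate(pattern, start=1):
        sending = sender == role
        for tok in tokens:
            if tok == "e":
                fresh_e = fresh_e or sending
            elif tok == "s":
                if sending:
                    check("static key sent", n)
            elif tok.startswith("dh") and len(tok) == 4:
                local, remote = (tok[2], tok[3]) if sending else (tok[3], tok[2])
                if local == "e" and fresh_e:
                    covered.add(remote)
                else:
                    risky.add(remote)
            else:
                raise ValueError(f"unknown token {tok!r}")
        if sending:
            check("payload sent", n)   # each sent message carries a payload
    check("handshake completed", len(pattern))
    return found

# Pattern from the message: -> e, s, dhes, dhss
EMAIL_PATTERN = [("i", ["e", "s", "dhes", "dhss"])]
# Constructed counter-examples (not from the message):
NO_EPHEMERAL = [("i", ["s", "dhss"])]               # static-static DH only
STATIC_TOO_EARLY = [("i", ["e", "dhss", "s", "dhes"])]  # "s" sent before dhes
PRESET_EPHEMERAL = [("i", ["dhes"])]                # e passed in, so not fresh

if __name__ == "__main__":
    for p in (EMAIL_PATTERN, NO_EPHEMERAL, STATIC_TOO_EARLY, PRESET_EPHEMERAL):
        print(p, violations(p, "i") or "ok")
```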