[noise] Termination

Trevor Perrin trevp at trevp.net
Fri Apr 22 14:40:36 PDT 2016


On Fri, Apr 22, 2016 at 1:15 PM, david wong <davidwong.crypto at gmail.com> wrote:
> There is little written about termination, in 12. Application
> responsibilities:
>
>> Termination: Applications must consider that a sequence of Noise transport
>> messages could be truncated by an attacker. Applications should include
>> explicit length fields or termination signals inside of transport payloads
>> to signal the end of a stream of transport messages.
>
> and then in the following section:
>
>> Termination: Preventing attackers from truncating a stream of transport
>> messages is an application responsibility. See previous section.
>
> It sounds odd to me that the application running on top of Noise should be
> preoccupied by network attacks (such as termination here).

Unless you're stuffing one application message into each Noise
message, you could just think of Noise transport messages as giving
you streams of data, like TCP.

So you might need to add length fields or parseable structures, like
any protocol on top of TCP.

If your protocol cares about having the other side affirmatively close
the connection, then you can send a message saying "QUIT" or "close"
or whatever.

Trevor


More information about the Noise mailing list