[noise] A simple and safe TLS/TCP-like protocol

alex at centromere.net alex at centromere.net
Fri Feb 3 12:22:30 PST 2017


On 2017-02-03 15:06, Alexey Ermishkin wrote:
> We will also need to support different mechanisms like 0-RTT/IK/XK
> whatsoever whose count I guess will be multiplied by the amount of
> ciphercuites which looks like a too much work for a single byte.
> Another problem is that we'll have to say that "0 is
> Noise_XX_25519_ChaChaPoly_SHA256, 1 is foo, 2 is IK +
> Noise_XX_448_ChaChaPoly_SHA256 ". and keep the list somewhere.
> 
> I personally think that relying on strings in security is a very, very
> bad idea, but maybe we should really use strings as it was intended by
> the spec? Or at least hash from that string as a ciphersuite ID. Same
> could be applied to patterns. It's 32/64 extra bytes per handshake
> message  depending on how we'll treat those 2 strings, but it's
> something that could be described in one paragraph and does not need
> to be hardcoded
> 

Are there any benefits to using strings other than not needing to
maintain a central registry?


More information about the Noise mailing list