[noise] Spec revision 32

Alex alex at centromere.net
Fri May 19 05:14:53 PDT 2017


On Wed, 17 May 2017 18:22:56 +0000
Trevor Perrin <trevp at trevp.net> wrote:

>  * PSK support was changed to allow PSKs to be added at different
> points in the handshake.  This is incompatible with all previous PSK
> handshakes, which are replaced with new ones, using a new naming
> scheme.
> 

In section 9.2:

"In non-PSK handshakes, the "e" token in a pre-message pattern or
message pattern always results in a call to MixHash(e.public_key). In a
PSK handshake, all of these calls are followed by MixKey(e.public_key).
In conjunction with the validity rule in the next section, this ensures
that PSK-based encryption uses encryption keys that are randomized
using ephemeral public keys as nonces."

What this implies is that a general purpose Noise library simply can't
execute the instructions sequentially. You have to scan the entire
pattern, determine if there are any `psk` tokens, and then change the
*meaning* of the `e` token if you find any. Is this correct?

-- 
Alex
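
An added example (not part of the message above and not taken from any Noise implementation) of the behaviour the quoted section 9.2 text describes: the whole handshake pattern is scanned for `psk` tokens before any token runs, and that flag decides whether `e` calls MixKey after MixHash. The class and function names, the HMAC-SHA256 HKDF and the constructed 32-byte ephemeral value are assumptions of the example; only `e` tokens are processed and the prologue is omitted.

```python
import hashlib
import hmac

def hkdf2(ck: bytes, ikm: bytes):
    """Two-output HKDF over HMAC-SHA256, the shape MixKey uses."""
    temp = hmac.new(ck, ikm, hashlib.sha256).digest()
    out1 = hmac.new(temp, b"\x01", hashlib.sha256).digest()
    out2 = hmac.new(temp, out1 + b"\x02", hashlib.sha256).digest()
    return out1, out2

class SymmetricState:
    def __init__(self, protocol_name: bytes):
        # Names up to HASHLEN bytes are zero-padded, longer ones are hashed.
        if len(protocol_name) <= 32:
            self.h = protocol_name.ljust(32, b"\x00")
        else:
            self.h = hashlib.sha256(protocol_name).digest()
        self.ck = self.h
        self.k = None  # no cipher key until the first MixKey

    def mix_hash(self, data: bytes):
        self.h = hashlib.sha256(self.h + data).digest()

    def mix_key(self, ikm: bytes):
        self.ck, self.k = hkdf2(self.ck, ikm)

def uses_psk(message_patterns) -> bool:
    """Scan the whole pattern up front for any psk token."""
    return any(t.startswith("psk") for msg in message_patterns for t in msg)

def process_e_tokens(state, message, is_psk: bool, e_pub: bytes):
    """Apply only the `e` tokens of one message pattern (hypothetical helper)."""
    for token in message:
        if token == "e":
            state.mix_hash(e_pub)
            if is_psk:  # the meaning of `e` depends on the pre-scan
                state.mix_key(e_pub)

def first_message(protocol_name: bytes, message_patterns, e_pub: bytes):
    """Run message 1 and return the state plus the initial chaining key."""
    state = SymmetricState(protocol_name)
    ck0 = state.ck
    is_psk = uses_psk(message_patterns)
    process_e_tokens(state, message_patterns[0], is_psk, e_pub)
    return state, ck0

E_PUB = bytes(range(32))  # constructed stand-in for an ephemeral public key
NN = [["e"], ["e", "ee"]]
NNPSK2 = [["e"], ["e", "ee", "psk"]]  # psk appears in message 2 only
```

In `NNPSK2` the `psk` token sits in the second message, yet the `e` in the first message already mixes into the chaining key, which is why the decision cannot be made token by token.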

