[noise] Revision 33 draft
davidwong.crypto at gmail.com
Sat Sep 23 02:13:19 PDT 2017
I find it weird to specify the function `SetNonce` in the
`CipherState` section. I see that section as a "mandatory" set of
functions to implement, which doesn't make sense if I do not want to
create a Noise protocol over UDP. Can't this function be defined in
the relevant section?
(I have the same critic for `MixKeyAndHash` btw.)
For naming, I'd much prefer something along these lines:
"you concatenate the ASCII names for the handshake pattern, the
asymmetric functions, the symmetric functions"
with the "symmetric functions" being something like "AESGCM_SHA256" or
The "Out-of-order transport messages" section is small, and maybe
dangerous as it is not that trivial to implement a secure protocol
over UDP. You have to mind other details like "Am I sure this message
is coming from the right origin?" via things like cookies. Obviously I
don't know much about that, probably Jason has more to add to it, but
a warning might be relevant in this section.
The rest looks good to me!
More information about the Noise