[noise] non replayable XK/KK?
Justin Cormack
justin at specialbusservice.com
Sat Jan 27 07:32:02 PST 2018
Been thinking about using Noise for distributed capabilities, wrote
some notes at https://www.cloudatomiclab.com/noise-capabilities/

The useful patterns here are the .K patterns, i.e. where the initiator
knows the public key (capability) for the responder.

This paper https://dominictarr.github.io/secret-handshake-paper/shs.pdf
suggests that the fact that replay is possible in the XK and KK
patterns means that you can identify a responder as being one that the
capability identifies by doing replay. To avoid this it constructs a
longer (4 step) handshake that forces the initiator to identify first,
so that replay is not possible unless you also have the private key
used to construct the messages.

I wondered if Noise could be extended to support a non-replayable
version of KK and XK?

Justin