[noise] Noise Explorer

Nadim Kobeissi nadim at symbolic.software
Sat May 26 03:09:05 PDT 2018


Hello everyone,
I have two updates that will hopefully be useful:

1. All one-way handshake patterns (K, N, X) are now added to the compendium.
2. Given the growing size of formal verification results, I have added a
search function to the top of the compendium page that will allow you to
quickly search for a Noise Handshake Pattern by its name:
https://noiseexplorer.com/patterns/

Have a great weekend,

Nadim Kobeissi
Symbolic Software • https://symbolic.software
Sent from office
On Fri, May 25, 2018 at 5:52 PM Trevor Perrin <trevp at trevp.net> wrote:

> On Fri, May 25, 2018 at 3:43 PM, Nadim Kobeissi <nadim at symbolic.software>
wrote:
> > I guess I'm confused, because confidentiality grade 2 does not say
anything
> > about the *sender's* static key being compromised after the session is
> > concluded and how that may lead to decryption. It only discusses the
> > recipient's static keys:
> >
> > "2: Encryption to a known recipient, forward secrecy for sender
compromise
> > only, vulnerable to replay. This payload is encrypted based only on DHs
> > involving the recipient's static key pair. If the recipient's static
> > private key is compromised, even at a later date, this payload can be
> > decrypted. This message can also be replayed, since there's no ephemeral
> > contribution from the recipient."

> I was talking about the first and only message (A) in pattern K.

> If you're talking about subsequent messages in this pattern, these
> messages don't exist.  But even if they existed, it wouldn't be
> correct to say "Message contents are sent in cleartext", so not sure
> what Noise Explorer was doing there.

> > Either way, "tokenless" messages for K have now been removed from the
> > analysis. This will be reflected on the website in a few minutes.

> Cool, that takes care of it.


> Trevor


More information about the Noise mailing list