[noise] Generating patterns, and ss tokens

Justin Cormack justin at specialbusservice.com
Thu Jun 21 16:21:57 PDT 2018


Here is a rough first pass at explaining the generation algorithm; not
quite sure how
pseudocode like to make it (or whether I like all the choices of variable names)

The standard and deferred Noise patterns can be generated from a small
set of rules, essentially eagerly generating tokens with a small set
of rules.

We have a set of boolean state variables, all initially false:
ie, re: initiator and responder have sent "e" token
is, rs: initiator and responder have sent "s" token
ee, es, se, ss: that DH has been performed

Also we need to know if we are on the first line
first: we are on the first line of the handshake

For pre-messages, set the ie, re, is, rs variables as if the value was sent.

For messages from initiator, find the first of these rules that
matches, and produce the specified token, then retry until none can be
performed. Then stop if this is a one way message. Switch to messages
from the responder below, until none can be performed. If neither
party matches any of the rules, the handshake has finished.

Initiator rules:
1. Send e immediately
if !ie, send "e"
2. Perform ee as soon as possible
if ie && re && !ee, perform "ee"
3. Perform se as soon as possible if not deferred. If initiator
deferred, skip this rule on the first line it applies
if is && re && !se, perform "se"
4. Perform es as soon s possible if not deferred. If responder
deferred, skip this rule on the first line it applies
if ie && rs && !es, perform "es"
5. Perform ss if we cannot send se on the first line but have done another DH
if is && rs && !ss && es && !se && first, perform "ss"
6. if initiator is "I" or is one way "X", send s immediately
if ("I." || "X") && !is, send "s"
7. if initiator is "X", send s if not on first line
if "X" && !first && !is, send "s"

Responder rules:
1. Send e immediately
if !re, send "e"
2. Perform ee as soon as possible
if ie && re && !ee, perform "ee"
3. Perform se as soon as possible if not deferred. If initiator
deferred, skip this rule on the first line it applies
if is && re && !se, perform "se"
4. Perform es as soon s possible if not deferred. If responder
deferred, skip this rule on the first line it applies
if ie && rs && !es, perform "es"
7. if responder is "X", send s as soon as possible
if "X" && !rs, send "s"


On 21 June 2018 at 22:53, Justin Cormack <justin at specialbusservice.com> wrote:
> On 21 June 2018 at 17:28, Trevor Perrin <trevp at trevp.net> wrote:
>> Ah, very nice!  If you were able to describe the logic concisely that
>> could be a great Appendix for the Noise spec.
>
> Yes, I will try to do this, I cleaned up the code so its pretty clear, will
> try to make it understandable.
>
> Justin


More information about the Noise mailing list