[noise] Security Assumptions for Noise Pre-Messages
Trevor Perrin
trevp at trevp.net
Thu Jul 19 20:24:16 PDT 2018
On Fri, Jul 13, 2018 at 2:13 PM, Andris <4FWkKLqzVVJWx6E at protonmail.com> wrote:
> Hi all,
>
> I have been struggling with this for a while now and haven't been able to
> come up with an entirely satisfying answer. Also, it would be useful to have
> a more official guidance.
>
> My question is: What security properties can be assumed to hold for keys in
> pre-messages?
Hi Andris,
I think of the pre-messages as an assumption about the authentic
knowledge that exists before the protocol starts. So they don't
really have security properties in the same way as the other messages.
How they were distributed might have security properties (maybe they
were sent in clear, maybe encrypted, etc), but from the perspective of
the protocol that's using the pre-message keys we can't say anything
about how that was done.
Now sure how satisfying an answer this is?
Trevor
More information about the Noise
mailing list