[noise] Security Assumptions for Noise Pre-Messages

Trevor Perrin trevp at trevp.net
Sun Aug 5 13:33:17 PDT 2018


On Mon, Jul 23, 2018 at 6:55 PM, Andris <4FWkKLqzVVJWx6E at protonmail.com> wrote:
> Hi Trevor
>
>> So they don't really have security properties in the same way as the
>> other messages. How they were distributed might have security
>> properties
> Right. I guess my question might have been unclear. What I wanted to know was what kind of properties Noise requires from this distribution method, whatever it may be.

The security properties tables assume that parties recognize each
other's static public key, and only continue the protocol if the
counterparty's static public key is correct.  We could spell this out
more clearly, and also spell out that the same logic applies to
pre-messages: the security properties tables only apply if the
pre-message public keys are authentic.  I'll see about adding a
sentence or two for that in next revision.

Trevor


More information about the Noise mailing list