[noise] Questions about Signatures for Noise spec

Lucas Manuel Rodriguez lucarodriguez at gmail.com
Mon Apr 8 04:36:38 PDT 2019

Hello folks,

I'm working on a system that relies heavily in public key signatures and I
came across the "Signatures for Noise" spec [1].

Knowing it's unofficial/unstable I hope it's ok to ask a couple of
questions here.

1) There's the following paragraph In the "Signature modifiers" section:

"The "sig" modifier can only be used with patterns where "se" is not sent by
the responder and "es" is not sent by the initiator, and "ss" does not
Attempting to apply it other patterns is invalid."

It would be nice if you could elaborate those statements.

2) Are you seeing a path towards "hybrid" patterns? Hybrid as in: DH +
Signatures, e.g.:

<- s
-> e, es, s1, sig

(The above pattern would allow 0-RTT encryption and authentication of
initiator via signatures)

Or are there any problems/vulnerabilities that would prevent this from

I'm new to the Noise Framework, so please bear with me :)

[1]: https://github.com/noiseprotocol/noise_sig_spec

Lucas Manuel Rodríguez.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20190408/e65ff1eb/attachment.html>

More information about the Noise mailing list