diff options
| author |   trevnoise <noise@trevp.net> | 2017-09-30 01:32:39 +0000 |
|---|---|---|
| committer | trevnoise <noise@trevp.net> | 2017-09-30 01:32:39 +0000 |
| commit | 6599d2f0314222c107744b6763fb9fc03305e473 (patch) | |
| tree | 06aa65411e71a54fe643e4b54bfea896ba191eea | |
| parent | Clarify only 1 ephemeral per handshake. (diff) | |
| download | noise-6599d2f0314222c107744b6763fb9fc03305e473.tar.xz noise-6599d2f0314222c107744b6763fb9fc03305e473.zip | |
Patterns aren't "examples", fix table spacing.
| -rw-r--r-- | noise.md | 43 | ||||
| -rw-r--r-- | output/noise.html | 38 | ||||
| -rw-r--r-- | output/noise.pdf | bin | 370281 -> 370298 bytes |
3 files changed, 40 insertions, 41 deletions
@@ -697,10 +697,9 @@ patterns that have been vetted by experts to satisfy the above checks. 7.2. One-way patterns ---------------------- -The following example handshake patterns represent "one-way" handshakes -supporting a one-way stream of data from a sender to a recipient. These -patterns could be used to encrypt files, database records, or other -non-interactive data streams. +The following handshake patterns represent "one-way" handshakes supporting a +one-way stream of data from a sender to a recipient. These patterns could be +used to encrypt files, database records, or other non-interactive data streams. Following a one-way handshake the sender can send a stream of transport messages, encrypting them using the first `CipherState` returned by `Split()`. @@ -739,7 +738,7 @@ recipient beforehand (`K`) or transmitted under encryption (`X`). 7.3. Interactive patterns -------------------------- -The following example handshake patterns represent interactive protocols. +The following handshake patterns represent interactive protocols. Interactive patterns are named with two characters, which indicate the status of the initator and responder's static keys: @@ -774,28 +773,28 @@ The second character refers to the responder's static key: | <- e, ee | -> e, es, ss | | | <- e, ee, se | +---------------------------+--------------------------------+ -| NX(rs): | KX(s, rs): | -| -> e | -> s | -| <- e, ee, s, es | ... | +| NX(rs): | KX(s, rs): | +| -> e | -> s | +| <- e, ee, s, es | ... | | | -> e | | | <- e, ee, se, s, es | +---------------------------+--------------------------------+ -| XN(s): | IN(s): | -| -> e | -> e, s | -| <- e, ee | <- e, ee, se | -| -> s, se | | +| XN(s): | IN(s): | +| -> e | -> e, s | +| <- e, ee | <- e, ee, se | +| -> s, se | | +---------------------------+--------------------------------+ -| XK(s, rs): | IK(s, rs): | -| <- s | <- s | -| ... | ... | -| -> e, es | -> e, es, s, ss | -| <- e, ee | <- e, ee, se | -| -> s, se | | +| XK(s, rs): | IK(s, rs): | +| <- s | <- s | +| ... | ... | +| -> e, es | -> e, es, s, ss | +| <- e, ee | <- e, ee, se | +| -> s, se | | +---------------------------+--------------------------------+ -| XX(s, rs): | IX(s, rs): | -| -> e | -> e, s | -| <- e, ee, s, es | <- e, ee, se, s, es | -| -> s, se | | +| XX(s, rs): | IX(s, rs): | +| -> e | -> e, s | +| <- e, ee, s, es | <- e, ee, se, s, es | +| -> s, se | | +---------------------------+--------------------------------+ \newpage diff --git a/output/noise.html b/output/noise.html index d4c49e0..c24d483 100644 --- a/output/noise.html +++ b/output/noise.html @@ -366,7 +366,7 @@ <p>The third check is necessary because Noise uses DH outputs involving ephemeral keys to randomize the shared secret keys, and to provide forward secrecy. Patterns failing this check could result in subtle but catastrophic security flaws.</p> <p>Users are recommended to only use the handshake patterns listed below, or other patterns that have been vetted by experts to satisfy the above checks.</p> <h2 id="one-way-patterns">7.2. One-way patterns</h2> -<p>The following example handshake patterns represent "one-way" handshakes supporting a one-way stream of data from a sender to a recipient. These patterns could be used to encrypt files, database records, or other non-interactive data streams.</p> +<p>The following handshake patterns represent "one-way" handshakes supporting a one-way stream of data from a sender to a recipient. These patterns could be used to encrypt files, database records, or other non-interactive data streams.</p> <p>Following a one-way handshake the sender can send a stream of transport messages, encrypting them using the first <code>CipherState</code> returned by <code>Split()</code>. The second <code>CipherState</code> from <code>Split()</code> is discarded - the recipient must not send any messages using it (as this would violate the rules in <a href="#pattern-validity">Section 7.1</a>).</p> <p>One-way patterns are named with a single character, which indicates the status of the sender's static key:</p> <ul> @@ -402,7 +402,7 @@ </table> <p><code>N</code> is a conventional DH-based public-key encryption. The other patterns add sender authentication, where the sender's public key is either known to the recipient beforehand (<code>K</code>) or transmitted under encryption (<code>X</code>).</p> <h2 id="interactive-patterns">7.3. Interactive patterns</h2> -<p>The following example handshake patterns represent interactive protocols.</p> +<p>The following handshake patterns represent interactive protocols.</p> <p>Interactive patterns are named with two characters, which indicate the status of the initator and responder's static keys:</p> <p>The first character refers to the initiator's static key:</p> <ul> @@ -448,9 +448,9 @@ <- e, ee, se</code></pre></td> </tr> <tr class="odd"> -<td><pre><code> NX(rs): - -> e - <- e, ee, s, es</code></pre></td> +<td><pre><code>NX(rs): + -> e + <- e, ee, s, es</code></pre></td> <td><pre><code> KX(s, rs): -> s ... @@ -458,21 +458,21 @@ <- e, ee, se, s, es</code></pre></td> </tr> <tr class="even"> -<td><pre><code> XN(s): - -> e - <- e, ee - -> s, se</code></pre></td> +<td><pre><code>XN(s): + -> e + <- e, ee + -> s, se</code></pre></td> <td><pre><code> IN(s): -> e, s <- e, ee, se</code></pre></td> </tr> <tr class="odd"> -<td><pre><code> XK(s, rs): - <- s - ... - -> e, es - <- e, ee - -> s, se</code></pre></td> +<td><pre><code>XK(s, rs): + <- s + ... + -> e, es + <- e, ee + -> s, se</code></pre></td> <td><pre><code> IK(s, rs): <- s ... @@ -480,10 +480,10 @@ <- e, ee, se</code></pre></td> </tr> <tr class="even"> -<td><pre><code> XX(s, rs): - -> e - <- e, ee, s, es - -> s, se</code></pre></td> +<td><pre><code>XX(s, rs): + -> e + <- e, ee, s, es + -> s, se</code></pre></td> <td><pre><code> IX(s, rs): -> e, s <- e, ee, se, s, es</code></pre></td> diff --git a/output/noise.pdf b/output/noise.pdf Binary files differindex d7e53ef..88288a7 100644 --- a/output/noise.pdf +++ b/output/noise.pdf |