author trevnoise <noise@trevp.net> 2018-05-26 23:27:07 +0000
committer trevnoise <noise@trevp.net> 2018-05-26 23:27:07 +0000
commit 9d072a22d469010aed1d495a8706289d6596fd93
tree 3c314881ef22b071f135026e92c67f8754fa7932
parent Cleanup discussion of negotiation data
Renamed authentication / confidentiality -> source / destination
-rw-r--r-- noise.md 10
-rw-r--r-- output/noise.html 8
-rw-r--r-- output/noise.pdf bin 379503 -> 379483 bytes
3 files changed, 9 insertions, 9 deletions
diff --git a/noise.md b/noise.md
index 020efab..c1edd34 100644
--- a/noise.md
+++ b/noise.md
@@ -919,12 +919,12 @@ Below are two examples showing a fundamental handshake pattern on the left, and
The following table lists the security properties for Noise handshake and
transport payloads for all the one-way patterns in [Section 7.4](#one-way-handshake-patterns) and the fundamental patterns in
-[Section 7.5](#interactive-handshake-patterns). Each payload is assigned an "authentication"
+[Section 7.5](#interactive-handshake-patterns). Each payload is assigned a "source"
property regarding the degree of authentication of the sender provided to the
-recipient, and a "confidentiality" property regarding the degree of
+recipient, and a "destination" property regarding the degree of
confidentiality provided to the sender.
-The authentication properties are:
+The source properties are:
0. **No authentication.** This payload may have been sent by any party,
including an active attacker.
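Review bot: The reworded sentence introduces "source" and "destination" without saying what the words refer to: the text still defines them only as a degree of authentication of the sender and a degree of confidentiality, so the reader has to infer that the source is the payload's sender and the destination is its recipient. Add one clause that states this mapping where the two terms first appear, so the new column names are understandable without the commit history.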
@@ -942,7 +942,7 @@ The authentication properties are:
recipient's ephemeral key pair. Assuming the corresponding private keys
are secure, this authentication cannot be forged.
-The confidentiality properties are:
+The destination properties are:
0. **No confidentiality.** This payload is sent in cleartext.
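Review bot: The heading "The destination properties are:" is now followed directly by an entry named "No confidentiality.", so the heading and its list use two different vocabularies. If the entry names are meant to keep the old terms, say in the heading sentence that destination properties describe confidentiality; otherwise rename the entries in the same change so the list reads consistently.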
@@ -1002,7 +1002,7 @@ are listed, the security properties for the second only apply if the first was
received.
+--------------------------------------------------------------+
-| Authentication Confidentiality |
+| Source Destination |
+--------------------------------------------------------------+
| N 0 2 |
+--------------------------------------------------------------+
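Review bot: On the table header line, "Source" and "Destination" are shorter than the labels they replace, so the padding inside the `|` borders has to change with them. Check in the raw file that the header row is still exactly as wide as the `+---+` border lines and that each label still sits over its column of values in the `N 0 2` row, since this table is laid out by spaces alone.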
diff --git a/output/noise.html b/output/noise.html
index 238a95b..824b3a7 100644
--- a/output/noise.html
+++ b/output/noise.html
@@ -601,14 +601,14 @@ KK:
</tbody>
</table>
<h2 id="payload-security-properties">7.6. Payload security properties</h2>
-<p>The following table lists the security properties for Noise handshake and transport payloads for all the one-way patterns in <a href="#one-way-handshake-patterns">Section 7.4</a> and the fundamental patterns in <a href="#interactive-handshake-patterns">Section 7.5</a>. Each payload is assigned an &quot;authentication&quot; property regarding the degree of authentication of the sender provided to the recipient, and a &quot;confidentiality&quot; property regarding the degree of confidentiality provided to the sender.</p>
-<p>The authentication properties are:</p>
+<p>The following table lists the security properties for Noise handshake and transport payloads for all the one-way patterns in <a href="#one-way-handshake-patterns">Section 7.4</a> and the fundamental patterns in <a href="#interactive-handshake-patterns">Section 7.5</a>. Each payload is assigned a &quot;source&quot; property regarding the degree of authentication of the sender provided to the recipient, and a &quot;destination&quot; property regarding the degree of confidentiality provided to the sender.</p>
+<p>The source properties are:</p>
<ol start="0" style="list-style-type: decimal">
<li><p><strong>No authentication.</strong> This payload may have been sent by any party, including an active attacker.</p></li>
<li><p><strong>Sender authentication <em>vulnerable</em> to key-compromise impersonation (KCI)</strong>. The sender authentication is based on a static-static DH (<code>&quot;ss&quot;</code>) involving both parties' static key pairs. If the recipient's long-term private key has been compromised, this authentication can be forged. Note that a future version of Noise might include signatures, which could improve this security property, but brings other trade-offs.</p></li>
<li><p><strong>Sender authentication <em>resistant</em> to key-compromise impersonation (KCI)</strong>. The sender authentication is based on an ephemeral-static DH (<code>&quot;es&quot;</code> or <code>&quot;se&quot;</code>) between the sender's static key pair and the recipient's ephemeral key pair. Assuming the corresponding private keys are secure, this authentication cannot be forged.</p></li>
</ol>
-<p>The confidentiality properties are:</p>
+<p>The destination properties are:</p>
<ol start="0" style="list-style-type: decimal">
<li><p><strong>No confidentiality.</strong> This payload is sent in cleartext.</p></li>
<li><p><strong>Encryption to an ephemeral recipient.</strong> This payload has forward secrecy, since encryption involves an ephemeral-ephemeral DH (<code>&quot;ee&quot;</code>). However, the sender has not authenticated the recipient, so this payload might be sent to any party, including an active attacker.</p></li>
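Review bot: output/noise.html carries the same wording changes as noise.md, but nothing in the commit shows that this file was rebuilt from the new noise.md rather than edited by hand. State in the commit message that the output files were regenerated, or commit generated outputs separately, so a reviewer only has to check the noise.md hunks and can treat this file as a build artifact.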
@@ -625,7 +625,7 @@ KK:
</colgroup>
<tbody>
<tr class="odd">
-<td><pre><code> Authentication Confidentiality</code></pre></td>
+<td><pre><code> Source Destination</code></pre></td>
</tr>
<tr class="even">
<td><pre><code>N 0 2</code></pre></td>
diff --git a/output/noise.pdf b/output/noise.pdf
index 530f96e..82f47a1 100644
--- a/output/noise.pdf
+++ b/output/noise.pdf
Binary files differ