diff options
-rw-r--r-- | noise.md | 6 | ||||
-rw-r--r-- | output/noise.html | 12 | ||||
-rw-r--r-- | output/noise.pdf | bin | 384390 -> 384394 bytes |
3 files changed, 9 insertions, 9 deletions
@@ -786,7 +786,7 @@ The following handshake patterns represent interactive protocols. These 12 patterns are called the **fundamental** interactive handshake patterns. The fundamental interactive patterns are named with two characters, which -indicate the status of the initator and responder's static keys: +indicate the status of the initiator and responder's static keys: The first character refers to the initiator's static key: @@ -847,13 +847,13 @@ The second character refers to the responder's static key: The `XX` pattern is the most generically useful, since it supports mutual authentication and transmission of static public keys. -All interactive patterns allow some encryption of handshake payloads: +All fundamental patterns allow some encryption of handshake payloads: * Patterns where the initiator has pre-knowledge of the responder's static public key (i.e. patterns ending in `K`) allow **zero-RTT** encryption, meaning the initiator can encrypt the first handshake payload. - * All interactive patterns allow **half-RTT** encryption of the first response + * All fundamental patterns allow **half-RTT** encryption of the first response payload, but the encryption only targets an initiator static public key in patterns starting with `K` or `I`. diff --git a/output/noise.html b/output/noise.html index 29e0c26..6652c68 100644 --- a/output/noise.html +++ b/output/noise.html @@ -1840,16 +1840,16 @@ XXfallback: <p><strong>Revision 34:</strong></p> <ul> <li><p>Added official/unstable marking; the unstable only refers to the new deferred patterns, the rest of this document is considered stable.</p></li> -<li><p>Removed parenthesized list of keys from pattern notation, as it was redundant.</p></li> -<li><p>Added deferred patterns.</p></li> -<li><p>Clarified ciphertext-indistinguishability requirement for AEAD schemes and added a rationale.</p></li> <li><p>Clarified DH() definition so that the identity element is an invalid value which may be rejected.</p></li> -<li><p>Replaced "fallback patterns" concept with Bob-initiated pattern notation.</p></li> -<li><p>Added a new identity-hiding property, and changed identity-hiding property 3 to discuss an identity equality-check attack.</p></li> +<li><p>Clarified ciphertext-indistinguishability requirement for AEAD schemes and added a rationale.</p></li> <li><p>Clarified the order of hashing pre-message public keys.</p></li> <li><p>Rewrote handshake patterns explanation for clarity.</p></li> -<li><p>Rewrote section on compound protocols and pipes for clarity, including clearer distinction between "switch protocol" and "fallback patterns".</p></li> +<li><p>Removed parenthesized list of keys from pattern notation, as it was redundant.</p></li> +<li><p>Added deferred patterns.</p></li> <li><p>Renamed "Authentication" and "Confidentiality" security properties to "Source" and "Destination" to avoid confusion.</p></li> +<li><p>Added a new identity-hiding property, and changed identity-hiding property 3 to discuss an identity equality-check attack.</p></li> +<li><p>Replaced "fallback patterns" concept with Bob-initiated pattern notation.</p></li> +<li><p>Rewrote section on compound protocols and pipes for clarity, including clearer distinction between "switch protocol" and "fallback patterns".</p></li> <li><p>De-emphasised "type byte" suggestion, and added a more general discussion of negotiation data.</p></li> </ul> <h1 id="references" class="unnumbered">19. References</h1> diff --git a/output/noise.pdf b/output/noise.pdf Binary files differindex 74d46eb..9a7947f 100644 --- a/output/noise.pdf +++ b/output/noise.pdf |