log☇︎
24 entries in 0.348s
zx2c4: one thing to keep in mind is that Noise isn't a single ready-made protocol for every application designer to take. its instead a protocol framework for protocol designers to use. knowing explicitly what the payload param gives you in each message is really important, so that you dont screw up and put your stuff somewhere it shouldnt be. there are legitimate protocol use cases for using the payload parameter early on during the handshake. its
asciilifeform: zx2c4: are you the author of 'noise' protocol ?
asciilifeform: zx2c4: how did you select the 'noise' protocol ?
a111: Logged on 2017-08-22 12:07 asciilifeform: the 'noise protocol' link is hilarious -- even features the classic leper's bell of nsa committee , the null-cipher
spyked: asciilifeform, indeed. I inevitably got reminded of the noise thread when stumbling upon: "WireGuard, the secure network tunnel, uses an interesting Diffie-Hellman authenticated key exchange protocol based on NoiseIK, [...]". so. yeah, "interesting" indeed.
a111: Logged on 2017-08-22 12:07 asciilifeform: the 'noise protocol' link is hilarious -- even features the classic leper's bell of nsa committee , the null-cipher
a111: Logged on 2017-08-22 12:02 asciilifeform: the other lul in the 'noise protocol' is the use of symmetric ciphers
asciilifeform: spyked: prev. thread, incidentally, re 'noise protocol' : http://btcbase.org/log/2017-08-22#1701852 ☝︎
a111: 14 results for "noise protocol", http://btcbase.org/log-search?q=noise%20protocol
spyked: !#s noise protocol
a111: Logged on 2017-08-22 15:31 valentinbuza: noise is a framework for creating protocols. you have the option to create NOISE_NULL_CIPHER_TOTAL_BS protocol which is totally different from NOISE_ANOTHER_SANE_CHOICE
a111: Logged on 2017-08-22 10:17 valentinbuza: spyked, people who are serious about transport security (data in transit) shy away from TLS and they craft their own stripped down version using Noise Protocol Framework (http://noiseprotocol.org/index.html)
asciilifeform: the second purpose of tls, 'noise', and every other 'protocol' published, is to install in your head the idea that it is acceptable for a cryptosystem to consist of 50kLines of c.
spyked: valentinbuza, to exemplify asciilifeform's point ^ I shall quote from the docs: "A Noise protocol begins with two parties exchanging handshake messages. During this handshake phase the parties exchange DH public keys and perform a sequence of DH operations" <-- this requires me to import a couple of concepts: handshake messages, DH public keys, there may be others along the line. now, given that my crypto brain-memory module is not
valentinbuza: probably the word framework is misunderstood. Let's say you want NOISE_CURVE25519_ETC it does not provide you with curve25519 implementation, you have to create you own. It's just a schematic for protocol patterns, not a framework a la "django"
valentinbuza: noise is a framework for creating protocols. you have the option to create NOISE_NULL_CIPHER_TOTAL_BS protocol which is totally different from NOISE_ANOTHER_SANE_CHOICE ☟︎
asciilifeform: the 'noise protocol' link is hilarious -- even features the classic leper's bell of nsa committee , the null-cipher ☟︎☟︎
asciilifeform: the other lul in the 'noise protocol' is the use of symmetric ciphers ☟︎
valentinbuza: spyked, people who are serious about transport security (data in transit) shy away from TLS and they craft their own stripped down version using Noise Protocol Framework (http://noiseprotocol.org/index.html) ☟︎
Framedragger: here i have a problem because i don't think noise is necessarily bad; or that e.g. signal protocol is necessarily bad (yes names are barf'y)
mircea_popescu: but then he promotes "the noise protocol framework"
Framedragger: mircea_popescu: how about i (an nsa employee, say) just make a filter which grabs all observed gossipd traffic (packet timing or w/e, and if it's an actually new transmission protocol, then supreme joy is me) and send it for further analysis. i shall assume that while it's not certain which messages are legit and which are not, the offending t3rr0rist group is too lazy to transmit proper false positives to provide noise,
asciilifeform: mats: forgive me if i don't get the point of this (secrecy and deniability?). traffic can be correlated if the circuit is long-term, you tunnel a two way protocol, disruption causes retransmits, and there's noise << there were several points. i recommend reading that entire thread, well worth the time
mats: 16-12-2014 01:38:56 <asciilifeform> here's a very rough description of above experiment ... << forgive me if i don't get the point of this (secrecy and deniability?). traffic can be correlated if the circuit is long-term, you tunnel a two way protocol, disruption causes retransmits, and there's noise