[HN Gopher] Intro to securing communication protocols with Noise
___________________________________________________________________
Intro to securing communication protocols with Noise
Author : grundprinzip
Score : 29 points
Date : 2021-01-21 10:24 UTC (1 days ago)
(HTM) web link (grund.me)
(TXT) w3m dump (grund.me)
| motohagiography wrote:
| In terms of how people who work with security protocols can
| reason about it, was not-including a spec either in the Standard
| Notation for security protocols or a sequence diagram on purpose?
| I thought these were pretty standard conventions.
| lucb1e wrote:
| Note that this Noise Protocol is just an alternative to TLS; it
| is not actually about adding noise to your data to prevent
| metadata leaking (sending noise to random people to hide
| contacts, sending noise to hide how much you're talking to
| different contacts, or just sending noise alongside messages to
| hide how much you're talking to one contact or how large your
| messages are). I'm confused every time this noise protocol comes
| up (apparently not often enough for me to remember right away).
| The "communication" in the title should also not be interpreted
| too specifically. It's just about two computers talking to each
| other, not about securing your communications by adding noise,
| perhaps that added to the confusion in this case.
| bpolverini wrote:
| If you're interested in seeing an interesting off broadway twist
| on the Noise Protocol Spec, libdisco and strobe are really
| interesting:
|
| https://www.discocrypto.com/
|
| https://strobe.sourceforge.io/
|
| The Noise Protocol spec is fantastic. It asks a reasonable set of
| questions to a protocol designer and in exchange gives a set of
| safe choices for key exchange. It's a great example of building
| powerful systems from a handful of simple abstractions. Trevor
| Perrin (and I'm sure, not just he) did a phenomenal job.
___________________________________________________________________
(page generated 2021-01-22 23:01 UTC)