Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Retrieve remote static key? #2

Closed
CertainLach opened this issue Nov 23, 2024 · 6 comments · Fixed by #3
Closed

Retrieve remote static key? #2

CertainLach opened this issue Nov 23, 2024 · 6 comments · Fixed by #3
Assignees
@jmlepisto
Labels
enhancement New feature or request

Comments

@CertainLach
Copy link

How can I get other party static key (for authentication) while using X patterns?

This method exists in other noise protocol implementations, but I can't find it in this one.

https://docs.rs/snow/latest/snow/struct.HandshakeState.html#method.get_remote_static
https://docs.rs/noise-protocol/0.2.0/noise_protocol/struct.HandshakeState.html#method.get_rs
@jmlepisto
Copy link
Owner

Thanks for pointing this out! Clatter is definitely missing this feature.

I'm just finishing up other changes for v1.1.0 so you can expect a fix for this also in a few days :)

@jmlepisto jmlepisto self-assigned this Nov 25, 2024
@jmlepisto jmlepisto added the enhancement New feature or request label Nov 25, 2024
@CertainLach
Copy link
Author

Remote ephemeral key would also be useful for noise pipe implementation (However, I'm not sure if it is already possible to implement noise pipe here?)

@david415
Copy link

How can I get other party static key (for authentication) while using X patterns?

This method exists in other noise protocol implementations, but I can't find it in this one.

https://docs.rs/snow/latest/snow/struct.HandshakeState.html#method.get_remote_static https://docs.rs/noise-protocol/0.2.0/noise_protocol/struct.HandshakeState.html#method.get_rs

This feature is absolutely required for anything I would do with Noise.
Wait wait wait... actually ACTUALLY is it even possible to perform authentication without this feature!?

@CertainLach
Copy link
Author

CertainLach commented Nov 26, 2024
edited
Loading

Wait wait wait... actually ACTUALLY is it even possible to perform authentication without this feature!?

You can pre-share static key and use K pattern instead of X as the form of authn. Wireguard does that (Noise_IK)

@david415
Copy link

david415 commented Dec 2, 2024

Wait wait wait... actually ACTUALLY is it even possible to perform authentication without this feature!?

You can pre-share static key and use K pattern instead of X as the form of authn. Wireguard does that (Noise_IK)

Okay that makes sense. I'm very biased here because my mixnet project, Katzenpost has been using Noise XX variations for many years now.

@jmlepisto jmlepisto linked a pull request Dec 11, 2024 that will close this issue
Remote key retrieval and interoperability fixes #3
Merged
@jmlepisto
Copy link
Owner

Sorry for the wait! I got sidetracked by Nyquist interoperability testing which proved to be unexpectedly difficult with some findings. Anyway, the changes are now in and I'm going to bake a new release very soon.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jmlepisto jmlepisto

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Remote key retrieval and interoperability fixes jmlepisto/clatter
3 participants
@david415 @CertainLach @jmlepisto