lucb1e 44 days ago [-]
Note that this Noise Protocol is just an alternative to TLS; it is not actually about adding noise to your data to prevent metadata leaking (sending noise to random people to hide contacts, sending noise to hide how much you're talking to different contacts, or just sending noise alongside messages to hide how much you're talking to one contact or how large your messages are). I'm confused every time this noise protocol comes up (apparently not often enough for me to remember right away). The "communication" in the title should also not be interpreted too specifically. It's just about two computers talking to each other, not about securing your communications by adding noise, perhaps that added to the confusion in this case.
bpolverini 44 days ago [-]
If you're interested in seeing an interesting off broadway twist on the Noise Protocol Spec, libdisco and strobe are really interesting:

https://www.discocrypto.com/

https://strobe.sourceforge.io/

The Noise Protocol spec is fantastic. It asks a reasonable set of questions to a protocol designer and in exchange gives a set of safe choices for key exchange. It's a great example of building powerful systems from a handful of simple abstractions. Trevor Perrin (and I'm sure, not just he) did a phenomenal job.

motohagiography 44 days ago [-]
In terms of how people who work with security protocols can reason about it, was not-including a spec either in the Standard Notation for security protocols or a sequence diagram on purpose? I thought these were pretty standard conventions.