Skip to content

katzenpost/nyquist

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

81 Commits

cipher

cipher

 
 

dh

dh

 
 

hash

hash

 
 

internal/tuplehash

internal/tuplehash

 
 

kem

kem

 
 

pattern

pattern

 
 

seec

seec

 
 

testdata

testdata

 
 

vectors

vectors

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

cipherstate.go

cipherstate.go

 
 

cipherstate_test.go

cipherstate_test.go

 
 

common.go

common.go

 
 

example_pq_test.go

example_pq_test.go

 
 

example_test.go

example_test.go

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

handshakestate.go

handshakestate.go

 
 

handshakestate_dh.go

handshakestate_dh.go

 
 

handshakestate_kem.go

handshakestate_kem.go

 
 

handshakestate_test.go

handshakestate_test.go

 
 

symmetricstate.go

symmetricstate.go

 
 

vectors_test.go

vectors_test.go

 
 

Repository files navigation

nyquist - A Noise Protocol Framework implementation

Yawning Angel (yawning at schwanenlied dot me)

This package implements the Noise Protocol Framework.

Why?

Yeah, well, I'm gonna go build my own theme park with blackjack and hookers. In fact, forget the park.

Notes

It is assumed that developers using this package are familiar with the Noise Protocol Framework specification.

As of revision 34 of the specification, the only standard functionality that is NOT implemented is "10.2. The fallback modifier".

This package used to make a partial attempt to sanitize key material, but the author is now convinced that it is fundementally a lost cause due to several reasons including but not limited to copies on stack growth, the lack of a memset_s equivalent, and lack of support by most cryptographic primitives. And no, memguard is not a good solution either.

This package will panic only if invariants are violated. Under normal use this situation should not occur ("normal" being defined as, "Yes, it will panic if an invalid configuration is provided when initializing a handshake").

Several non-standard protocol extensions are supported by this implementation:

  • The maximum message size can be set to an arbitrary value or entirely disabled, on a per-session basis. The implementation will default to the value in the specification.

  • AEAD algorithms with authentication tags that are not 128 bits (16 bytes) in size should be supported. While the package will not reject algorithms with tags sizes that are less than 128 bits, this is NOT RECOMMENED.

  • Non-standard DH, Cipher and Hash functions are trivial to support by implementing the appropriate interface, as long as the following constraints are met:

    • For any given DH scheme, all public keys must be DHLEN bytes in size.

    • For any given Hash function, HASHLEN must be at least 256 bits (32 bytes) in size. The specification requires exactly 256 or 512 bits, however this package will tollerate any length, greater than or equal to 256 bits.

    • AEAD implementations must be able to tollerate always being passed a key that is 256 bits (32 bytes) in size.

  • Non-standard (or unimplemented) patterns are trivial to support by implementing the appropriate interface. The pattern sub-package includes a pattern validator that can verify a pattern against the specification's pattern validity rules.

  • A Cipher implementation backed by the Deoxys-II-256-128 MRAE primitive is provided.

The test vectors under testdata were shamelessly stolen out of the Snow repository.

About

fork of nyquist

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

1 star

Watchers

4 watching

Forks

0 forks
Report repository

Releases

12 tags

Packages

No packages published

Contributors 2

  •  
  •  

Languages