Comments (4)
irungentoo
commented on July 22, 2024
It doesn't matter because nonces don't need to be cryptographically random.
from text.
iphydf
commented on July 22, 2024
Ok, what is the source of the nonces in the current implementation? Is each nonce completely random, or are they generated in some relation to each other? E.g. monotonically increasing or decreasing, fibonacci, or some other function applied to a number of preceding nonces?
Nonces don't need to be cryptographically random in order to have working crypto, but the source does matter because these numbers are passed around in plain text, so knowing how they are generated may expose an attack vector.
from text.
irungentoo
commented on July 22, 2024
All nonces for all parts of toxcore are currently generated the same way so I think this info belongs somewhere other than net_crypto.
from text.
iphydf
commented on July 22, 2024
https://github.com/Tox-Docs/Text/blob/master/src_text/crypto_core.txt
from text.
Related Issues (20)
- [TCP_server] Is it encrypted with the DHT private key or the long term private [...]
- [TCP_server] What is the value of this nonce compared to the unencrypted nonce sent after the public key? [...]
- [TCP_server] Is this base nonce in any way related to the received base nonce or any other nonces in the [...]
- [TCP_server] In most of the documentation, you use "encrypted with X and Y and Z" to mean [...]
- [TCP_server] How long is this timeout in toxcore?
- [TCP_server] Can the first packet be any random packet, like cookie request, handshake, nodes response, [...]
- [TCP_server] It is very unlikely to happen.
- [TCP_server] Please avoid copy/paste of large sections of text.
- [TCP_server] Just in what case does it leave space? How much spare exactly does this [...]
- [TCP_server] What is the public key if the connection was refused?
- [TCP_server] What is this limit derived from?
- TCP_connections.txt - needed clarifications and unclear bits HOT 1
- TCP_client "The TCP client will make sure that routing response packets are responses to a routing packet that it sent."
- friend_connection.txt issues
- [DHT] The crypto explanation is not sufficiently detailed. [...] HOT 1
- [DHT] Give an upper/lower bound for node list packet length.
- [LAN_discovery.txt] Line 14 doesn't really do anything HOT 1
- Remove all instances of 'UTF8' from Messenger.txt
- Nonces in the TCP handshake
- >The exact format of the toxcore save is explained later.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from text.