Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I don't know why you got downvoted, there is a paper about nQUIC [3], "Noise" here refers to the Noise Protocol[1] and its Rust implementation[2]:

[1] http://www.noiseprotocol.org/

[2] https://docs.rs/snow/0.4.2/snow/

[3] https://eprint.iacr.org/2019/028



> I don't know why you got downvoted

I imagine it got downvoted because it claims an old fork of the same code is "more modern" because it implements the must less capable Noise as a basis for QUIC rather than TLS.

We have something akin to CADT in protocol security where a certain type of person gets very excited about whatever new shiny thing they're convinced will fix everything and so they want to see it replace everything else immediately, no questions asked. Recently that's Noise.

Good news for people actually doing serious security engineering with Noise: In a few years these people will move on to whatever new thing is hot and leave you behind. Bad news: They will say everything you've done is crap when they do.


I mean the protocol is the more modern version.

Less capable as in "fewer ways to hit yourself in the foot by forcing you to use secure cryptosystems", then sure.

WhatsApp and Wireguard have been using Noise for a couple of years now.


And here is a light introduction: https://cryptologie.net/article/467/quic-noise-nquic/




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: