~mdw / tripe / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
server/, keys/: Alternative serialization formats for hashing.
[tripe] / server / tripe.8.in
diff --git a/server/tripe.8.in b/server/tripe.8.in
index 33f07b5..bdac421 100644 (file)
--- a/server/tripe.8.in
+++ b/server/tripe.8.in
@@ -412,6 +412,20 @@ more significantly, the transform is entirely deterministic, so (a) it
 doesn't need the (possibly slow) random number generator, and (b) it
 closes a kleptographic channel, over which a compromised implementation
 could leak secret information to a third party.
+.SS "Other key attributes"
+The following attributes can also be set on keys.
+.TP
+.B serialization
+Selects group-element serialization formats.
+The recommended setting is
+.BR constlen ,
+which selects a constant-length encoding when hashing group elements.
+The default,
+for backwards compatibility, is
+.BR v0 ;
+but this is deprecated.
+(The old format uses a variable length format for hashing,
+which can leak information through timing.)
 .SS "Using SLIP interfaces"
 Though not for the faint of heart, it is possible to get
 .B tripe
Trivial IP Encryption: a simple VPN