X-Git-Url: http://www.git.cypherpunks.ru/?a=blobdiff_plain;f=doc%2Fhandshake.texi;h=75a65085f712082136675d6b34dc54860db1cd54;hb=fa2fbe9b374fe5ac0949291e11b2a6bc5b4b53cd;hp=c509c094432aa70533e35b1c581cdb0c4a234691;hpb=8decd9d81e0cd75a9a1c0f2baaf0716fb935883d;p=govpn.git diff --git a/doc/handshake.texi b/doc/handshake.texi index c509c09..75a6508 100644 --- a/doc/handshake.texi +++ b/doc/handshake.texi @@ -3,24 +3,24 @@ @verbatiminclude handshake.utxt -Each handshake message ends with so called @code{IDtag}: it is an XTEA -encrypted first 64 bits of each message with client's @ref{Identity} as -a key. It is used to transmit identity and to mark packet as handshake -message. +Each handshake message ends with so called @code{IDtag}: it is +BLAKE2b-MAC of the first 64 bits of the handshake message, with client's +@ref{Identity} used as a key. It is used to transmit identity and to +mark packet as handshake message. -If @ref{Noise} is enabled, then junk data is inserted before -@code{IDtag} to fill up packet to MTU's size. +If @ref{Noise, noise} is enabled, then data is padded to fill up packet +to MTU's size. @strong{Preparation stage}: @enumerate @item Client knows only his identity and passphrase written somewhere in the -human. Server knows his identity and +human readable form. Server knows his identity and @ref{Verifier structure, verifier}: @code{DSAPub}. @item Client computes verifier which produces @code{DSAPriv} and -@code{DSAPub}. @code{H()} is @emph{HSalsa20} hash function. +@code{DSAPub}. @code{H()} is @emph{BLAKE2b-256} hash function. @item Client generates DH keypair: @code{CDHPub} and @code{CDHPriv}. Also it generates random 64-bit @code{R} that is used as a nonce for
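Review bot: the rewritten @code{IDtag} paragraph in the @@ -3,24 +3,24 @@ hunk swaps XTEA encryption for a keyed BLAKE2b MAC but does not say what the tag's output length is on the wire or whether the BLAKE2b output is truncated; since a receiver uses this field both to recover the identity and to classify a packet as a handshake message, the tag size and the exact input ("the first 64 bits of the handshake message") should be stated here so the prose and the layout in @code{handshake.utxt} cannot drift apart. In the same hunk the new @ref{Noise, noise} sentence ("then data is padded to fill up packet to MTU's size") drops two details the old text carried: that the padding is junk data and that it sits before @code{IDtag}; both matter to an implementer (a receiver needs the position to locate the tag, and padding that is not random weakens the traffic-analysis goal of noise), so consider keeping them, e.g. "random junk data is inserted before @code{IDtag} to pad the packet to the MTU". Minor: "human readable form" should be hyphenated as "human-readable form".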