<feed xmlns='http://www.w3.org/2005/Atom'>
<title>ouroboros/src/lib/crypt/keyrot.h, branch be</title>
<subtitle>Ouroboros main repository</subtitle>
<id>https://ouroboros.rocks/cgit/ouroboros/atom?h=be</id>
<link rel='self' href='https://ouroboros.rocks/cgit/ouroboros/atom?h=be'/>
<link rel='alternate' type='text/html' href='https://ouroboros.rocks/cgit/ouroboros/'/>
<updated>2026-06-29T06:32:58+00:00</updated>
<entry>
<title>lib: Harden symmetric-key rotation</title>
<updated>2026-06-29T06:32:58+00:00</updated>
<author>
<name>Dimitri Staessens</name>
<email>dimitri@ouroboros.rocks</email>
</author>
<published>2026-06-13T08:18:17+00:00</published>
<link rel='alternate' type='text/html' href='https://ouroboros.rocks/cgit/ouroboros/commit/?id=22e2380b09730a2f18deefd688585edb430d3299'/>
<id>urn:sha1:22e2380b09730a2f18deefd688585edb430d3299</id>
<content type='text'>
Flow crypto signalled rotation with a single phase-parity bit, so a
loss burst that hid an even number of rotations went unnoticed and
wedged the flow for good.

Each packet now carries a small cleartext selector naming its key
directly, so a receiver that falls behind recovers on the next packet
instead of getting stuck.

The selector also serves as the AEAD nonce and is authenticated as
associated data (AAD). Key rotation moves into a new backend-agnostic
keyrot module that rotates sub-keys to bound AEAD usage while
preserving forward secrecy.

Signed-off-by: Dimitri Staessens &lt;dimitri@ouroboros.rocks&gt;
Signed-off-by: Sander Vrijders &lt;sander@ouroboros.rocks&gt;
</content>
</entry>
</feed>
