diff --git a/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java b/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java
index 939ea2f418644ce90291e0e61e26984e28f2ff4c..5ee6b87eed15e83d7ca0003a62f45b543e1b8fc2 100644
--- a/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java
+++ b/bramble-core/src/main/java/org/briarproject/bramble/crypto/TransportCryptoImpl.java
@@ -43,12 +43,13 @@ class TransportCryptoImpl implements TransportCrypto {
 
 	@Override
 	public TransportKeys deriveTransportKeys(TransportId t,
-			SecretKey rootKey, long timePeriod, boolean alice, boolean active) {
+			SecretKey rootKey, long timePeriod, boolean weAreAlice,
+			boolean active) {
 		// Keys for the previous period are derived from the root key
-		SecretKey inTagPrev = deriveTagKey(rootKey, t, !alice);
-		SecretKey inHeaderPrev = deriveHeaderKey(rootKey, t, !alice);
-		SecretKey outTagPrev = deriveTagKey(rootKey, t, alice);
-		SecretKey outHeaderPrev = deriveHeaderKey(rootKey, t, alice);
+		SecretKey inTagPrev = deriveTagKey(rootKey, t, !weAreAlice);
+		SecretKey inHeaderPrev = deriveHeaderKey(rootKey, t, !weAreAlice);
+		SecretKey outTagPrev = deriveTagKey(rootKey, t, weAreAlice);
+		SecretKey outHeaderPrev = deriveHeaderKey(rootKey, t, weAreAlice);
 		// Derive the keys for the current and next periods
 		SecretKey inTagCurr = rotateKey(inTagPrev, timePeriod);
 		SecretKey inHeaderCurr = rotateKey(inHeaderPrev, timePeriod);
@@ -101,54 +102,57 @@ class TransportCryptoImpl implements TransportCrypto {
 	}
 
 	private SecretKey deriveTagKey(SecretKey rootKey, TransportId t,
-			boolean alice) {
-		String label = alice ? ALICE_TAG_LABEL : BOB_TAG_LABEL;
+			boolean keyBelongsToAlice) {
+		String label = keyBelongsToAlice ? ALICE_TAG_LABEL : BOB_TAG_LABEL;
 		byte[] id = toUtf8(t.getString());
 		return crypto.deriveKey(label, rootKey, id);
 	}
 
 	private SecretKey deriveHeaderKey(SecretKey rootKey, TransportId t,
-			boolean alice) {
-		String label = alice ? ALICE_HEADER_LABEL : BOB_HEADER_LABEL;
+			boolean keyBelongsToAlice) {
+		String label = keyBelongsToAlice ? ALICE_HEADER_LABEL :
+				BOB_HEADER_LABEL;
 		byte[] id = toUtf8(t.getString());
 		return crypto.deriveKey(label, rootKey, id);
 	}
 
 	@Override
 	public HandshakeKeys deriveHandshakeKeys(TransportId t, SecretKey rootKey,
-			long timePeriod, boolean alice) {
+			long timePeriod, boolean weAreAlice) {
 		if (timePeriod < 1) throw new IllegalArgumentException();
-		IncomingKeys inPrev = deriveIncomingHandshakeKeys(t, rootKey, alice,
-				timePeriod - 1);
-		IncomingKeys inCurr = deriveIncomingHandshakeKeys(t, rootKey, alice,
-				timePeriod);
-		IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey, alice,
-				timePeriod + 1);
-		OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey, alice,
-				timePeriod);
+		IncomingKeys inPrev = deriveIncomingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod - 1);
+		IncomingKeys inCurr = deriveIncomingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod);
+		IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod + 1);
+		OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey,
+				weAreAlice, timePeriod);
 		return new HandshakeKeys(t, inPrev, inCurr, inNext, outCurr, rootKey,
-				alice);
+				weAreAlice);
 	}
 
 	private IncomingKeys deriveIncomingHandshakeKeys(TransportId t,
-			SecretKey rootKey, boolean alice, long timePeriod) {
-		SecretKey tag = deriveHandshakeTagKey(t, rootKey, !alice, timePeriod);
-		SecretKey header = deriveHandshakeHeaderKey(t, rootKey, !alice,
+			SecretKey rootKey, boolean weAreAlice, long timePeriod) {
+		SecretKey tag = deriveHandshakeTagKey(t, rootKey, !weAreAlice,
+				timePeriod);
+		SecretKey header = deriveHandshakeHeaderKey(t, rootKey, !weAreAlice,
 				timePeriod);
 		return new IncomingKeys(tag, header, timePeriod);
 	}
 
 	private OutgoingKeys deriveOutgoingHandshakeKeys(TransportId t,
-			SecretKey rootKey, boolean alice, long timePeriod) {
-		SecretKey tag = deriveHandshakeTagKey(t, rootKey, alice, timePeriod);
-		SecretKey header = deriveHandshakeHeaderKey(t, rootKey, alice,
+			SecretKey rootKey, boolean weAreAlice, long timePeriod) {
+		SecretKey tag = deriveHandshakeTagKey(t, rootKey, weAreAlice,
+				timePeriod);
+		SecretKey header = deriveHandshakeHeaderKey(t, rootKey, weAreAlice,
 				timePeriod);
 		return new OutgoingKeys(tag, header, timePeriod, true);
 	}
 
 	private SecretKey deriveHandshakeTagKey(TransportId t, SecretKey rootKey,
-			boolean alice, long timePeriod) {
-		String label = alice ? ALICE_HANDSHAKE_TAG_LABEL :
+			boolean keyBelongsToAlice, long timePeriod) {
+		String label = keyBelongsToAlice ? ALICE_HANDSHAKE_TAG_LABEL :
 				BOB_HANDSHAKE_TAG_LABEL;
 		byte[] id = toUtf8(t.getString());
 		byte[] period = new byte[INT_64_BYTES];
@@ -157,8 +161,8 @@ class TransportCryptoImpl implements TransportCrypto {
 	}
 
 	private SecretKey deriveHandshakeHeaderKey(TransportId t, SecretKey rootKey,
-			boolean alice, long timePeriod) {
-		String label = alice ? ALICE_HANDSHAKE_HEADER_LABEL :
+			boolean keyBelongsToAlice, long timePeriod) {
+		String label = keyBelongsToAlice ? ALICE_HANDSHAKE_HEADER_LABEL :
 				BOB_HANDSHAKE_HEADER_LABEL;
 		byte[] id = toUtf8(t.getString());
 		byte[] period = new byte[INT_64_BYTES];
@@ -171,34 +175,36 @@ class TransportCryptoImpl implements TransportCrypto {
 		long elapsed = timePeriod - k.getTimePeriod();
 		TransportId t = k.getTransportId();
 		SecretKey rootKey = k.getRootKey();
-		boolean alice = k.isAlice();
+		boolean weAreAlice = k.isAlice();
 		if (elapsed <= 0) {
 			// The keys are for the given period or later - don't update them
 			return k;
 		} else if (elapsed == 1) {
-			// The keys are one period old - shift by one period
+			// The keys are one period old - shift by one period, keeping the
+			// reordering windows for keys we retain
 			IncomingKeys inPrev = k.getCurrentIncomingKeys();
 			IncomingKeys inCurr = k.getNextIncomingKeys();
 			IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey,
-					alice, timePeriod + 1);
+					weAreAlice, timePeriod + 1);
 			OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey,
-					alice, timePeriod);
+					weAreAlice, timePeriod);
 			return new HandshakeKeys(t, inPrev, inCurr, inNext, outCurr,
-					rootKey, alice);
+					rootKey, weAreAlice);
 		} else if (elapsed == 2) {
-			// The keys are two periods old - shift by two periods
+			// The keys are two periods old - shift by two periods, keeping
+			// the reordering windows for keys we retain
 			IncomingKeys inPrev = k.getNextIncomingKeys();
 			IncomingKeys inCurr = deriveIncomingHandshakeKeys(t, rootKey,
-					alice, timePeriod);
+					weAreAlice, timePeriod);
 			IncomingKeys inNext = deriveIncomingHandshakeKeys(t, rootKey,
-					alice, timePeriod + 1);
+					weAreAlice, timePeriod + 1);
 			OutgoingKeys outCurr = deriveOutgoingHandshakeKeys(t, rootKey,
-					alice, timePeriod);
+					weAreAlice, timePeriod);
 			return new HandshakeKeys(t, inPrev, inCurr, inNext, outCurr,
-					rootKey, alice);
+					rootKey, weAreAlice);
 		} else {
 			// The keys are more than two periods old - derive fresh keys
-			return deriveHandshakeKeys(t, rootKey, timePeriod, alice);
+			return deriveHandshakeKeys(t, rootKey, timePeriod, weAreAlice);
 		}
 	}