Loop/Architecture/Context: Difference between revisions



=== Local Key Storage and Recovery ===
One of the consequences of using '''kB''' to encrypt room keys is that we lose the ability to decrypt '''wrap(kR)''' if the user has to reset their FxA password (note: this is only true for password ''resets'', such as in the case of a forgotten password -- it does not apply to password ''changes'', where the user has the old password and is gracefully changing it to a new one).
As a mitigation against this loss, clients will cache room keys locally. This applies both to keys created by the client and to keys learned from the Loop server. This allows users to retrieve encrypted context information as long as they haven't both forgotten their password and lost their Firefox profile. To keep the keys on the Loop server valid in the face of password resets, clients will validate the value of wrapped room keys whenever they receive room information. If passing their locally-stored copy of '''kR''' through the encryption oracle yields a different result than the value stored in the Loop server, the client will update the room information with a corrected wrappedKey value.
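The validation step described above, as an added example that is not Loop client code. AES key wrap (RFC 3394) stands in for the encryption oracle keyed by '''kB''', which is an assumption, as are <code>roomToken</code>, <code>reconcileRoom</code> and the other names; the scenario data is constructed.

```javascript
// Added example, not Loop client code. Names are hypothetical, and AES-KW
// (RFC 3394) is an assumed stand-in for the encryption oracle keyed by kB.
const crypto = require('crypto');

const KW_IV = Buffer.from('A6A6A6A6A6A6A6A6', 'hex'); // RFC 3394 default IV

// Deterministic wrap: the same (kB, kR) pair always yields the same output,
// which is what makes the equality check in reconcileRoom meaningful.
function wrapRoomKey(kB, kR) {
  const c = crypto.createCipheriv('id-aes256-wrap', kB, KW_IV);
  return Buffer.concat([c.update(kR), c.final()]).toString('base64');
}

// Compare the server's wrappedKey with the wrap of the locally cached kR and
// push a corrected value when they differ. Returns the action taken.
function reconcileRoom(room, localKeys, kB, updateServer) {
  const kR = localKeys.get(room.roomToken);
  if (!kR) return 'no-local-key'; // nothing cached: cannot validate or repair
  const expected = wrapRoomKey(kB, kR);
  if (room.wrappedKey === expected) return 'valid';
  updateServer(room.roomToken, expected); // stale, e.g. after a password reset
  return 'repaired';
}

// Constructed scenario: room1 was wrapped under the pre-reset kB and its kR is
// cached locally; room2 has no cached kR (password reset plus lost profile).
function demo() {
  const kR = crypto.randomBytes(16);
  const oldKB = crypto.randomBytes(32);
  const newKB = crypto.randomBytes(32);
  const server = new Map([
    ['room1', wrapRoomKey(oldKB, kR)],
    ['room2', wrapRoomKey(oldKB, crypto.randomBytes(16))],
  ]);
  const localKeys = new Map([['room1', kR]]);
  const update = (token, wrapped) => server.set(token, wrapped);
  const check = (token) => reconcileRoom(
    { roomToken: token, wrappedKey: server.get(token) }, localKeys, newKB, update);
  return {
    first: check('room1'),  // mismatch detected, server value corrected
    second: check('room1'), // corrected value now validates
    lost: check('room2'),   // unrecoverable without a cached kR
    fixed: server.get('room1') === wrapRoomKey(newKB, kR),
  };
}
```

The equality check only works if the oracle is deterministic; with a randomized wrap the client would have to unwrap the server value and compare plaintext keys instead.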


== Loop Server API Changes ==