Services/Sync/P2P Key Exchange And Rotation: Difference between revisions

(Minor edits)
(Removed redundant key information in message header)
Line 237: Line 237:
<li>Each client publishes an identity key (AI, BI) and a set of ephemeral key digests (AE{1..n}, BE{1..n}d)</li>
<li>Each client publishes an identity key (AI, BI) and a set of ephemeral key digests (AE{1..n}, BE{1..n}d)</li>
<li>Client A generates a new ephemeral key (AEp) and sends a message to Client B nominating one of client B's ephemeral key digests (BEd).</li>
<li>Client A generates a new ephemeral key (AEp) and sends a message to Client B nominating one of client B's ephemeral key digests (BEd).</li>
<li>Client B receives client A's ephemeral key (AEp) and identifier for own ephemeral key (BEd). Using 3DHE and a KDF Client B generates the session key (SK) then sends message including own ephemeral key (BEp). Client B can now encrypt/decrypt the message body with session key.</li>
<li>Client B receives client A's ephemeral key (AEp) and digest for own ephemeral key (BEd). Using 3DHE and a KDF Client B generates the session key (SK) then sends message including own ephemeral key (BEp) matching digest (BEd). Client B can now encrypt/decrypt the message body with session key.</li>
<li>Client A receives client B's ephemeral key (BEp). Using 3DHE and a KDF, client A generates the session key (SK). Client A can now encrypt/decrypt the message body with the session key.</li>
<li>Client A receives client B's ephemeral key (BEp). Using 3DHE and a KDF, client A generates the session key (SK). Client A can now encrypt/decrypt the message body with the session key.</li>
</ol>
</ol>
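Review bot: step 4 still has Client A derive SK from the received BEp without checking that it hashes to the BEd it nominated in step 2, so on A's side the published digest binds nothing; add the check (abort if digest(BEp) != BEd) before the 3DHE/KDF step, mirroring the "matching digest (BEd)" wording this revision adds to step 3. Also, step 1's notation is uneven: the digest suffix appears on "BE{1..n}d" but not on "AE{1..n}", although both clients publish digests; write both as AE{1..n}d, BE{1..n}d.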
Line 291: Line 291:
   srcclientid:  "id of sender",
   srcclientid:  "id of sender",
   srckeyid:    "id of sender's ephemeral key",
   srckeyid:    "id of sender's ephemeral key",
  srckey:      "sender's ephemeral key (optional after first message, i.e. sequence > 1)",
   dstclientid:  "id of receiver",
   dstclientid:  "id of receiver",
   srckeyid:    "id of receiver's ephemeral key",
   dstkeyid:    "id of receiver's ephemeral key",
   sequence:    "sequence of this message in session",
   sequence:    "sequence of this message in session",
   type:        "message type",
   type:        "message type",
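Review bot: with srckey dropped from the header, srckeyid is now the only way a receiver locates the sender's ephemeral key for messages with sequence > 1, but nothing here says how srckeyid relates to the key material (an arbitrary id, or the digest used in the rest of the page); state which it is, and that the receiver of the first message checks the key carried in that message against srckeyid before caching it under that id, otherwise a later message can name a key the receiver never verified. The receiver's key field was mislabelled srckeyid in the old text; the rename to dstkeyid is correct.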
Line 304: Line 303:
<pre>
<pre>
{
{
   clientid: "id of client",
   clientid:     "id of client",
   name:     "name of client"
   name:         "name of client"
   keydigest: "digest of other party's ephemeral key"
   srckey:      "sender's ephemeral key",
  dstkeydigest: "digest of receiever's ephemeral key"
}
}
</pre>
</pre>
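Review bot: "receiever's" on the dstkeydigest line is misspelled ("receiver's"), and the name field still lacks a trailing comma, so the object as written is not a valid literal; fix both. On content, dstkeydigest now identifies the responder's ephemeral key by digest while srckey carries the initiator's key in full, which is consistent with the step list, but the text should say whether the digest is computed over the same encoding of the key that srckey carries, since the responder's "ephemeral key mismatch" check depends on it.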
Line 325: Line 325:
   status:    "okay|fail",
   status:    "okay|fail",
   message:  "ephemeral key okay|ephemeral key mismatch",
   message:  "ephemeral key okay|ephemeral key mismatch",
   key:       "ephemeral key matching digest (if status okay)",
   dstkey:   "ephemeral key matching dstkeydigest (if status okay)",
   auth:      SessionVerifier (if status okay)
   auth:      SessionVerifier (if status okay)
}
}
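Review bot: the fail branch ("ephemeral key mismatch") gives the initiator no recovery path; document whether it should re-fetch the responder's published digests and retry with a fresh dstkeydigest, and whether the failed request consumes the srckey it sent. The rename from key to dstkey matches the dstkeydigest field in the request and reads better; keep the wording that dstkey is only present when status is okay, since a responder that returned a key on mismatch would leak which of its published keys the digest was closest to.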