Services/Sync/P2P Key Exchange And Rotation: Difference between revisions

Jump to navigation Jump to search

Services/Sync/P2P Key Exchange And Rotation (view source)

Revision as of 06:57, 22 October 2015

335 bytes added ,  22 October 2015
Added clarifying text
(Undo last change)
(Added clarifying text)
Line 331: Line 331:


=== Registration Protocol v2 ===
=== Registration Protocol v2 ===
Importantly for version 2 of the eXfio Peer protocol the starting assumption is that an adversary has full access to the storage '''and''' knows the password, i.e. a hostile systems administrator.
The objective of the registration protocol is for a new device to obtain the master key (sync key) thus allowing it to read and write encrypted data to and from the storage. To maintain the security of the master key the protocol must defend against a man in the middle (MITM) attack from an adversary. Importantly for version 2 of the eXfio Peer protocol the starting assumption is that an adversary has full access to the storage '''and''' knows the password, i.e. a hostile systems administrator.


When Alice registers a new device with the Weave Sync server the client first checks if there are other authorised clients, if not it initialises the storage, if so it requests authorisation by following the procedure below.
When Alice registers a new device with the Weave Sync server the client first checks if there are other authorised clients, if not it generates a master key (MK) and initialises the storage, if so it requests authorisation by following the procedure below.


<ol start="0">
<ol start="0">
Nickel chrome
113

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/1101795"

Navigation menu