*Secret: weak secret that is used to start the J-PAKE algorithm
*Key: strong secret that both clients derive through J-PAKE
== Overview ==
<ul>
<li>Mobile and Desktop complete the two round trips of J-PAKE messages to agree on a shared secret key.</li>
<li>The secret key is the SHA-256 hash of the number K, as returned by python-jpake.</li>
<li>In the third round trip, Mobile hashes the key with SHA256d (that is, SHA-256 applied twice) and uploads the result. Desktop checks it against its own key and, only if it matches, uploads the encrypted credentials together with an HMAC-SHA256 of the cleartext. Mobile decrypts the credentials and verifies the recovered cleartext against the HMAC; a valid HMAC shows that Desktop held the same key.</li>
</ul>
<pre>
Mobile                       Server                         Desktop
===================================================================
                                |
request channel --------------->|
                                |
retrieve channel <--------------|
generate random secret          |
show PIN = channel + secret     |                  ask user for PIN
upload Mobile's message 1 ----->|
                                |-----> retrieve Mobile's message 1
                                |
                                |<------ upload Desktop's message 1
retrieve Desktop's message 1 <--|
                                |
upload Mobile's message 2 ----->|
                                |-----> retrieve Mobile's message 2
                                |                       compute key
                                |<------ upload Desktop's message 2
retrieve Desktop's message 2 <--|
compute key                     |
upload sha256d(key) ----------->|
                                |-----------> retrieve sha256d(key)
                                |            verify against own key
                                |               encrypt credentials
                                |<-------------- upload credentials
retrieve credentials <----------|
decrypt credentials             |
verify HMAC                     |
</pre>
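The three round trips in the diagram, run end to end on one machine, as an added example in Python; this is not python-jpake's or Firefox Sync's code. The server is left out because it only relays messages. Everything the page does not specify is an assumption and is marked as such in the code: the group parameters (RFC 2409 "group 2", a 1024-bit safe prime with g = 2), the serialization of K before it is hashed (128 big-endian bytes), the derivation of separate cipher and MAC keys from the J-PAKE key, the cipher itself (an HMAC-SHA256 counter-mode stand-in, since the page names none), and the party identities "mobile" and "desktop". The helper names (<code>Party</code>, <code>pair</code>, <code>desktop_encrypt</code>, <code>mobile_decrypt</code>) are this example's own.

```python
"""Pairing flow: two J-PAKE round trips, then key confirmation and credential transfer (added example)."""
import hashlib, hmac, secrets

# Assumption: RFC 2409 "group 2" (1024-bit safe prime, p = 2q+1, g = 2 of order q); the page gives no group.
P = int("FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
        "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
        "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
        "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
Q, G = (P - 1) // 2, 2

def h_int(*parts):
    """Length-prefixed SHA-256 over ints/bytes, reduced into [0, q)."""
    h = hashlib.sha256()
    for x in parts:
        b = x if isinstance(x, bytes) else x.to_bytes((x.bit_length() + 7) // 8 or 1, "big")
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big") % Q

def zkp(base, x, gx, ident):
    """Schnorr (Fiat-Shamir) proof of knowledge of x with base^x == gx."""
    v = secrets.randbelow(Q - 1) + 1
    gv = pow(base, v, P)
    return gv, (v - x * h_int(base, gv, gx, ident)) % Q

def zkp_ok(base, gx, proof, ident):
    """Verify a proof; also reject gx outside the order-q subgroup (including 1)."""
    gv, r = proof
    if not 1 < gx < P - 1 or pow(gx, Q, P) != 1:
        return False
    return gv == (pow(base, r, P) * pow(gx, h_int(base, gv, gx, ident), P)) % P

class Party:
    def __init__(self, ident, secret):
        self.ident, self.s = ident, h_int(secret)   # weak secret s (zero mod q has negligible probability)
        self.x1, self.x2 = secrets.randbelow(Q), secrets.randbelow(Q - 1) + 1
        self.gx1, self.gx2 = pow(G, self.x1, P), pow(G, self.x2, P)

    def message1(self):
        """Round 1: g^x1 and g^x2, each with a proof of knowledge of the exponent."""
        return {"id": self.ident,
                "gx1": self.gx1, "zkp1": zkp(G, self.x1, self.gx1, self.ident),
                "gx2": self.gx2, "zkp2": zkp(G, self.x2, self.gx2, self.ident)}

    def message2(self, peer1):
        """Round 2: A = (g^x1 g^x3 g^x4)^(x2 s) with a proof for the exponent x2*s."""
        if peer1["id"] == self.ident:
            raise ValueError("reflected message")
        if not (zkp_ok(G, peer1["gx1"], peer1["zkp1"], peer1["id"]) and
                zkp_ok(G, peer1["gx2"], peer1["zkp2"], peer1["id"])):
            raise ValueError("bad round-1 proof")
        self.gx3, self.gx4 = peer1["gx1"], peer1["gx2"]
        base, exp = (self.gx1 * self.gx3 * self.gx4) % P, (self.x2 * self.s) % Q
        a = pow(base, exp, P)
        return {"id": self.ident, "A": a, "zkpA": zkp(base, exp, a, self.ident)}

    def key(self, peer2):
        """K = (B / g4^(x2 s))^x2 = g^((x1+x3) x2 x4 s); key = SHA-256(K)."""
        base = (self.gx1 * self.gx2 * self.gx3) % P   # the base the peer raised to x4*s
        if not zkp_ok(base, peer2["A"], peer2["zkpA"], peer2["id"]):
            raise ValueError("bad round-2 proof")
        k = pow(peer2["A"] * pow(self.gx4, (-self.x2 * self.s) % Q, P) % P, self.x2, P)
        return hashlib.sha256(k.to_bytes(128, "big")).digest()   # assumption: K as 128 big-endian bytes

def sha256d(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def subkey(key, label):   # assumption: cipher and MAC keys are derived separately from the J-PAKE key
    return hmac.new(key, label, hashlib.sha256).digest()

def keystream_xor(k, nonce, data):
    """Stand-in cipher (HMAC-SHA256 in counter mode); the page names no cipher."""
    stream = b"".join(hmac.new(k, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                      for i in range((len(data) + 31) // 32))
    return bytes(a ^ b for a, b in zip(data, stream))

def desktop_encrypt(key, confirmation, cleartext):
    """Round 3, Desktop: check Mobile's sha256d(key); only then encrypt and HMAC the cleartext."""
    if not hmac.compare_digest(confirmation, sha256d(key)):
        raise ValueError("Mobile's key confirmation does not match; aborting")
    nonce = secrets.token_bytes(16)
    tag = hmac.new(subkey(key, b"mac"), cleartext, hashlib.sha256).digest()   # HMAC over the cleartext
    return {"nonce": nonce, "ct": keystream_xor(subkey(key, b"enc"), nonce, cleartext), "hmac": tag}

def mobile_decrypt(key, blob):
    """Round 3, Mobile: decrypt, then verify the HMAC over the recovered cleartext."""
    pt = keystream_xor(subkey(key, b"enc"), blob["nonce"], blob["ct"])
    tag = hmac.new(subkey(key, b"mac"), pt, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, blob["hmac"]):
        raise ValueError("HMAC mismatch: Desktop did not hold the same key")
    return pt

def pair(secret, credentials, desktop_secret=None):
    """All three round trips, run locally; the server only relays the messages."""
    mobile = Party(b"mobile", secret)
    desktop = Party(b"desktop", secret if desktop_secret is None else desktop_secret)
    m1, d1 = mobile.message1(), desktop.message1()                      # round trip 1
    m2, d2 = mobile.message2(d1), desktop.message2(m1)                  # round trip 2
    k_desktop, k_mobile = desktop.key(m2), mobile.key(d2)               # both compute key
    blob = desktop_encrypt(k_desktop, sha256d(k_mobile), credentials)   # round trip 3
    return mobile_decrypt(k_mobile, blob)
```

<code>pair(b"constructed-pin", b"user:pw")</code> returns the credentials; give Desktop a different secret and <code>desktop_encrypt</code> raises before anything is encrypted, which is the point of the sha256d(key) step: Desktop never uploads credentials under a key Mobile does not hold. The HMAC check on Mobile's side then confirms the reverse. Two points a practitioner should note: the round-1 and round-2 proofs and the subgroup membership checks are what stop a peer from sending degenerate values such as g^x2 = 1, so they are not optional; and, as the page describes it, the HMAC covers the cleartext and is checked after decryption (MAC-then-encrypt), whereas the usual recommendation is to MAC the ciphertext and verify it before decrypting.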
== Data format ==