Services/KeyExchange: Difference between revisions

Jump to navigation Jump to search

Services/KeyExchange (view source)

Revision as of 22:35, 8 December 2010

87 bytes added ,  8 December 2010
→‎Key derivation
Line 79: Line 79:
== Key derivation ==
== Key derivation ==


The encryption key T(1) and the HMAC key T(2) will be derived from J-PAKE's strong secret K as follows:
The AES encryption key T(1) and the HMAC key T(2) will be derived from J-PAKE's strong secret K as follows:


  extraction_key = "\x00" * 32
  extraction_key = "\x00" * 32
  key_string = HMAC-SHA256(K, extraction_key)
  key_string = HMAC-SHA256(K, extraction_key)
key_verification_hash = SHA256(SHA256(key_string))


  T(1) = HMAC-SHA256(key_string, "" + "Sync-AES_256_CBC-HMAC256" + 0x01)
  T(1) = HMAC-SHA256(key_string, "" + "Sync-AES_256_CBC-HMAC256" + 0x01)
Line 90: Line 88:


(See http://tools.ietf.org/html/rfc5869)
(See http://tools.ietf.org/html/rfc5869)
To verify the key on both ends, the value
  "Sync-AES_256_CBC-HMAC256"
is encrypted with the AES key, then hashed with the HMAC key.


== Data format ==
== Data format ==
Philikon
canmove, Confirmed users
725

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/272787"

Navigation menu