113
edits
Services/Sync/P2P Key Exchange And Rotation: Difference between revisions
Services/Sync/P2P Key Exchange And Rotation (view source)
Revision as of 00:30, 18 December 2015
, 18 December 2015Minor edits
(Minor edits) |
(Minor edits) |
||
| Line 92: | Line 92: | ||
'''Protocol Sequence''' | '''Protocol Sequence''' | ||
<ol start="0"> | <ol start="0"> | ||
<li>Each client publishes an identity key ( | <li>Each client publishes an identity key (AIp, BIp) and a set of ephemeral keys (AE{1..n}p, BE{1..n}p)</li> | ||
<li>Client A generates a new ephemeral key ( | <li>Client A generates a new ephemeral key (AEp) and randomly selects one of Client B's ephemeral keys (BEp). Using 3DHE and a KDF, client A generates the shared secret (SK) then sends message including own ephemeral key (AE) and an identifier for Client B's ephemeral key (BEp). Client B can now also generate the shared secret (SK) and hence the message body can be encrypted immediately.</li> | ||
</ol> | </ol> | ||
Both Client A and Client B can now continue to communicate using the shared secret ( | Both Client A and Client B can now continue to communicate using the shared secret (SK) as a session key. | ||
<pre> | <pre> | ||
| Line 106: | Line 106: | ||
t1 AIs AIp, BIp BIs | t1 AIs AIp, BIp BIs | ||
AEs AEp, BEp BEs | AEs AEp, BEp BEs | ||
SK = KDF(3DHE(AIs, AEs, BIp, BEp)) SK = KDF(3DHE(BIs, BEs, AIp, AEp)) | |||
PT = <message> CT | |||
CT = ENCRYPT(PT, SK) PT = DECRYPT(PT, SK) | |||
</pre> | </pre> | ||