24
edits
Services/Sync/SimplifiedCrypto: Difference between revisions
Services/Sync/SimplifiedCrypto (view source)
Revision as of 06:52, 4 December 2010
, 4 December 2010→Upgrading existing Sync Keys to the new AES key: Added links to J-PAKE and SyncID in this Wiki for navigating the referenced specifications
(→Upgrading existing Sync Keys to the new AES key: Added links to J-PAKE and SyncID in this Wiki for navigating the referenced specifications) |
|||
| Line 65: | Line 65: | ||
* Spot old version | * Spot old version | ||
* Get a salt (Services.syncID from the meta/global object. The client will be bumping this…) | * Get a salt ([[Labs/Weave/Developer/StorageFormat#Payload:_meta.2Fglobal|Services.syncID]] from the meta/global object. The client will be bumping this…) | ||
* Apply PBKDF2 to salt and passphrase to yield our new AES key | * Apply PBKDF2 to salt and passphrase to yield our new AES key | ||
* Generate bulk keys, encrypt | * Generate bulk keys, encrypt | ||
| Line 71: | Line 71: | ||
* Wipe old key data. | * Wipe old key data. | ||
So long as the salt is available, other clients can apply PBKDF2 to their stored passphrase and the salt to yield the new key without any re-entry or J-PAKE-style key distribution. | So long as the salt is available, other clients can apply PBKDF2 to their stored passphrase and the salt to yield the new key without any re-entry or [[Services/Sync/SyncKey/J-PAKE|J-PAKE]]-style key distribution. | ||
=== Bulk keys === | === Bulk keys === | ||