Services/Sync/P2P Key Exchange And Rotation: Difference between revisions

Added alternate flow
(Minor edits)
(Added alternate flow)
Line 375: Line 375:
'''Notes:'''
'''Notes:'''
* The authcode (VCS + VCM) is a digest of the session key and the master key respectively. This code needs to be entered on the device requesting authorisation to verify the user is in possession of registered device. If the authcode displayed by Client B matches the VCS value generated on Client A and the VCM value returned to Client B then a man-in-the-middle attack is highly unlikely.
* The authcode (VCS + VCM) is a digest of the session key and the master key respectively. This code needs to be entered on the device requesting authorisation to verify the user is in possession of registered device. If the authcode displayed by Client B matches the VCS value generated on Client A and the VCM value returned to Client B then a man-in-the-middle attack is highly unlikely.
'''Alternate Flow'''
<pre>
          Alice (Client A)                      Eve (Public)    Bob (Client B)
t0        AIs                                    AIp, BIp        BIs, MK
          AEs                                    AEd, BEd        BEs
          AEp                                                    BEp
t1        AIs                                    AIp, BIp        BIs, MK
(OoB)      AEs                                    AEd, BEd        BEs
          AEp                                                    BEp
          VC = DIGEST(AIp, AEp)                                  VCui = <user input>
t2        AIs                                    AIp, BIp        BIs, MK
          AEs                                    BEp              BEs
          AEp                                    AEd, BEd             
          Verified = (BEd == DIGEST(BEp))                       
t3        AIs                                    AIp, BIp        BIs, MK
          AEs                                    AEp, BEp        BEs
          SK = KDF(ECDH(AEs, BEp))              AEd, BEd        SK = KDF(ECDH(BEs, AEp)
                                                                  Verified = (VCui == DIGEST(AIp, AEp) + AEd == DIGEST(AEp))
t4        AIs, MK                                AIp, BIp        BIs, MK
          SK                                                      SK
</pre>
'''Notes:'''
* The authcode (VC) is a digest of Client A's identity key and ephemeral key. This code must be entered on a registered device to verify the user is in possession of the device requesting authorisation. If the authcode displayed by Client A matches the VC value generated on Client B and the digest of Client A's public key matches Client A's hash commit then a man-in-the-middle attack is highly unlikely.


'''ClientAuthV2Verifier JSON'''
'''ClientAuthV2Verifier JSON'''
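Review bot: In the t3 row of the alternate flow, Bob's check `Verified = (VCui == DIGEST(AIp, AEp) + AEd == DIGEST(AEp))` joins two comparisons with `+`, the same symbol the existing note uses for combining codes in "VCS + VCM". The new note requires both the authcode match and the hash-commit match, so write it as an explicit AND of the two comparisons to make clear that either failure aborts the exchange. On the same row, `SK = KDF(ECDH(BEs, AEp)` is missing its closing parenthesis, and Bob's SK derivation is listed above the verification line, so it would help to state that SK is only used once Verified is true. The t4 row shows Alice holding MK, but no step in the table shows MK being sent under SK; add that step or a sentence in the note. Finally, Alice's t2 check `Verified = (BEd == DIGEST(BEp))` is not mentioned in the new note, which only describes the checks tied to Client A's keys.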