kytv/I2P_Website
1
0
Fork 0
forked from I2P_Developers/i2p.www
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

prop. 144 fixes

Browse Source
This commit is contained in:
zzz
2019-09-21 20:27:31 +00:00
parent f17cb6fead
commit 1b9e0281d3
1 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
i2p2www/spec/proposals/144-ecies-x25519-aead-ratchet.rst
View File

@@ -5,7 +5,7 @@ ECIES-X25519-AEAD-Ratchet
:author: zzz, chisana :author: zzz, chisana
:created: 2018-11-22 :created: 2018-11-22
:thread: http://zzz.i2p/topics/2639 :thread: http://zzz.i2p/topics/2639
:lastupdated: 2019-09-20 :lastupdated: 2019-09-21
:status: Open :status: Open
.. contents:: .. contents::
@@ -1249,11 +1249,17 @@ KDF for Reply Key Section Encrypted Contents
// Bob's X25519 ephemeral keys // Bob's X25519 ephemeral keys
besk = GENERATE_PRIVATE_ELG2() besk = GENERATE_PRIVATE_ELG2()
bepk = DERIVE_PUBLIC(besk) bepk = DERIVE_PUBLIC(besk)
// Bob's ephemeral public key
// MixHash(bepk)
// || below means append
h = SHA256(h || bepk);
// elg2_bepk is sent in cleartext in the // elg2_bepk is sent in cleartext in the
// beginning of the new session message // beginning of the new session message
elg2_bepk = ENCODE_ELG2(bepk) elg2_bepk = ENCODE_ELG2(bepk)
// As decoded by Bob // As decoded by Bob
ibpk = DECODE_ELG2(elg2_bepk) bepk = DECODE_ELG2(elg2_bepk)
End of "e" message pattern. End of "e" message pattern.
@@ -1280,12 +1286,12 @@ KDF for Reply Key Section Encrypted Contents
// AEAD parameters // AEAD parameters
k = keydata[32:64] k = keydata[32:64]
n = 0 n = 0
ad = SHA-256(bepk) ad = h
ciphertext = ENCRYPT(k, n, ZEROLEN, ad) ciphertext = ENCRYPT(k, n, ZEROLEN, ad)
End of "se" message pattern. End of "se" message pattern.
// MixHash() // MixHash(ciphertext)
h = SHA256(h || ciphertext) h = SHA256(h || ciphertext)
chainKey is used in the ratchet below. chainKey is used in the ratchet below.