[GNUnet-SVN] [taler-anastasis] branch master updated: Worked on the cryp

gnunet-svn

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [taler-anastasis] branch master updated: Worked on the cryp

From:	gnunet
Subject:	[GNUnet-SVN] [taler-anastasis] branch master updated: Worked on the crypto Specification
Date:	Sun, 22 Sep 2019 17:39:19 +0200

This is an automated email from the git hooks/post-receive script.

ds-meister pushed a commit to branch master
in repository anastasis.

The following commit(s) were added to refs/heads/master by this push:
     new 8b4f173  Worked on the crypto Specification
8b4f173 is described below

commit 8b4f1734a341d581abb7f88fd9fcdd5421fe6206
Author: Dominik Meister <address@hidden>
AuthorDate: Sun Sep 22 17:38:27 2019 +0200

    Worked on the crypto Specification
---
 src/api/crypto-anastasis.rst | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/src/api/crypto-anastasis.rst b/src/api/crypto-anastasis.rst
index d9c603c..02872c8 100644
--- a/src/api/crypto-anastasis.rst
+++ b/src/api/crypto-anastasis.rst
@@ -63,3 +63,30 @@ and signatures 64 bytes. For hashing, including HKDFs, 
Anastasis uses 512-bit ha
     struct ANASTASIS_EphemeralPublicKeyP {
         uint8_t ecdhe_pub[32];
     };
+
+
+------------------------
+Anastasis Objects
+------------------------
+.. _user_id:
+At the begin the user choses a secret e.g. AHV Number, social security 
number... we define it here as user_identifier.
+From this user_identifier we derive then two Hashes H_1 and H_2.
+The first Hash H_1 is generated with the SCRYPT KDF function, the Hash has a 
length of 32Byte. As an Input we take the
+user_identifier and the Server Salt. For the second Hash H_2 we the take the 
**FIXME** function with the same length and Input.
+
+H_1 then serves as our $ACCOUNT_PRIV we then compute through the EDDSA 
Algorithm the $ACCOUNT_PUB.
+
+The H_2 Hash is then used for the encryption of the user data.
+
+.. _recovery_document:
+The recover_document is encrypted with AES256-GCM (AEAD). We generate the Key 
for the encryption with the following steps.
+
+1. We derive a ephemeral public key from our H_2 value.
+2. Perform a ECDHE with the ephemeral public key and our H_2 this gives us a 
key K
+3. From this K we derive our Symetric Key and IV through the HKDF function 
**FIXME**.
+4. Now the IV and Symetric Key is used in the AES256-GCM to encrypt our 
Recovery Document.
+
+.. _key_share:
+The same procedure, but it generates a different Key since the ephemeral 
public key is different.
+
+

-- 
To stop receiving notification emails like this one, please contact
address@hidden.

[Prev in Thread]

Current Thread

[Next in Thread]

[GNUnet-SVN] [taler-anastasis] branch master updated: Worked on the crypto Specification, gnunet <=

Prev by Date: [GNUnet-SVN] [taler-bank] branch master updated: Define custom DoesNotExist for models.
Next by Date: [GNUnet-SVN] [libeufin] branch master updated: Versioning HEV response from elcimai.com.
Previous by thread: [GNUnet-SVN] [taler-bank] branch master updated: Define custom DoesNotExist for models.
Next by thread: [GNUnet-SVN] [libeufin] branch master updated: Versioning HEV response from elcimai.com.
Index(es):
- Date
- Thread