prop. 144 minor updates

This commit is contained in:
zzz
2020-02-07 14:35:02 +00:00
parent 121a8d2267
commit a16971c5a6

View File

@@ -5,7 +5,7 @@ ECIES-X25519-AEAD-Ratchet
:author: zzz, chisana :author: zzz, chisana
:created: 2018-11-22 :created: 2018-11-22
:thread: http://zzz.i2p/topics/2639 :thread: http://zzz.i2p/topics/2639
:lastupdated: 2019-11-04 :lastupdated: 2020-02-07
:status: Open :status: Open
.. contents:: .. contents::
@@ -571,6 +571,7 @@ DH
ENCODE_ELG2(pubkey) ENCODE_ELG2(pubkey)
Returns the Elligator2-encoded public key corresponding to the given public key (inverse mapping). Returns the Elligator2-encoded public key corresponding to the given public key (inverse mapping).
Encoded keys are little endian.
DECODE_ELG2(pubkey) DECODE_ELG2(pubkey)
Returns the public key corresponding to the given Elligator2-encoded public key. Returns the public key corresponding to the given Elligator2-encoded public key.
@@ -868,7 +869,7 @@ New Session Ephemeral Key
````````````````````````` `````````````````````````
Alice's ephemeral key. Alice's ephemeral key.
The ephemeral key is 32 bytes, encoded with Elligator2. The ephemeral key is 32 bytes, encoded with Elligator2, little endian.
This key is never reused; a new key is generated with This key is never reused; a new key is generated with
each message, including retransmissions. each message, including retransmissions.
@@ -956,7 +957,7 @@ Encrypted format:
New Session One Time Key New Session One Time Key
```````````````````````` ````````````````````````
The one time key is 32 bytes, encoded with Elligator2. The one time key is 32 bytes, encoded with Elligator2, little endian.
This key is never reused; a new key is generated with This key is never reused; a new key is generated with
each message, including retransmissions. each message, including retransmissions.
@@ -1244,7 +1245,7 @@ New Session Reply Ephemeral Key
```````````````````````````````` ````````````````````````````````
Bob's ephemeral key. Bob's ephemeral key.
The ephemeral key is 32 bytes, encoded with Elligator2. The ephemeral key is 32 bytes, encoded with Elligator2, little endian.
This key is never reused; a new key is generated with This key is never reused; a new key is generated with
each message, including retransmissions. each message, including retransmissions.
@@ -1322,7 +1323,7 @@ KDF for Reply Key Section Encrypted Contents
//[chainKey, k] = MixKey(sharedSecret) //[chainKey, k] = MixKey(sharedSecret)
// ChaChaPoly parameters to encrypt/decrypt // ChaChaPoly parameters to encrypt/decrypt
// chainKey from original New Session Payload Section // chainKey from original New Session Payload Section
sharedSecret = DH(aesk, bepk) = DH(besk, bepk) sharedSecret = DH(aesk, bepk) = DH(besk, aepk)
keydata = HKDF(chainKey, sharedSecret, "", 32) keydata = HKDF(chainKey, sharedSecret, "", 32)
chainKey = keydata[0:31] chainKey = keydata[0:31]
@@ -1519,6 +1520,7 @@ Format
`````` ``````
32-byte public and private keys. 32-byte public and private keys.
Encoded keys are little endian.
Justification Justification
@@ -2110,8 +2112,11 @@ Typical contents include the following blocks:
================================== ============= ============ ================================== ============= ============
DateTime 0 7 DateTime 0 7
Session ID (debug) 1 7 Session ID (debug) 1 7
Termination (TBD) 4 TBD
Options 5 9 Options 5 9
Message Numbers (TBD) 6 TBD
Next Key 7 37 Next Key 7 37
Next Key Ack (TBD) 8 TBD
ACK Request 9 varies ACK Request 9 varies
Garlic Clove 11 varies Garlic Clove 11 varies
Padding 254 varies Padding 254 varies