ahdinosaur / secret-handshake2 Goto Github PK
View Code? Open in Web Editor NEW๐ค Mutually authenticating key agreement to establish shared secrets over an insecure channel.
๐ค Mutually authenticating key agreement to establish shared secrets over an insecure channel.
Fix mismatch with Secret Handshake paper
In the Secret Handshake paper, the responder's first reply is:
$$b_p, hmac[K|a*b](b_p)$$ i.e. the HMAC key is the network key and and product of the new ephemerals keys.
In Secret Handshake v1, the responder's first reply was:
$$hmac[K](b_p), b_p$$ i.e. the HMAC key is only the network key.
(And the order of concatenation is reversed.)
Secret Handshake v2 makes sure to follow the paper for this HMAC key.
Secret Handshake v2 also follows the paper for the order of concatenations on the first two messages:
- Initiator Hello:
$a_p, hmac[K](a_p)$ - Responder Hello:
$a_p, hmac[K|a*b](a_p)$ Because this is consistent with the ordering of (ciphertext, auth_tag) in ChaCha20-Poly1305 (IETF).
What was the motivation here? To follow the paper more closely? In that case, we might want to check with Dominic and/or Keks if there was a reason why the implementation differed from the paper. In my experience, sometimes papers/concepts are written before implementation and may not be the most accurate description of the real-world algorithm (specs would be).
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.