Difference between revisions of "MpOTR/algorithm dump"
(→Common functions used by other procedures in different stages) |
(→Common functions used by other procedures in different stages) |
||
Line 126: | Line 126: | ||
'''if''' <math>keyConfirmationList[participant][myId] \neq Hash(k_{myId,participant} , U_{myId} )</math>''', then''' | '''if''' <math>keyConfirmationList[participant][myId] \neq Hash(k_{myId,participant} , U_{myId} )</math>''', then''' | ||
<span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Halt</span>'''() | <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Halt</span>'''() | ||
− | ' '''if''' <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''ED25519VerifySignature</span>'''( | + | '''else''' '''if''' <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''ED25519VerifySignature</span>'''(<math>ephemeralPublicKeyList[particicpant]</math>, <math>sessionId | keyShares[myId]</math>, <math>originAuthSignature</math>) = Fail ''', then''' |
− | ' | + | |
<span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Halt</span>'''() | <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Halt</span>'''() | ||
{{algorithm-end}} | {{algorithm-end}} | ||
+ | |||
{{algorithm-begin|name=Compute Session Id}} | {{algorithm-begin|name=Compute Session Id}} | ||
Line 144: | Line 144: | ||
{{algorithm-begin|name=Sign and Send Key Confirmation and Share}} | {{algorithm-begin|name=Sign and Send Key Confirmation and Share}} | ||
Input: <math>schnorrRandomPointList</math> | Input: <math>schnorrRandomPointList</math> | ||
− | + | '''for each''' <math>participant \in participantList</math>, '''do''' | |
<math>k_{myId, participant} := Hash(x_{myId}LP_{participant} |lp_{myId}y_{participant} | x_{myId}y_{participant})</math> # Triple DH | <math>k_{myId, participant} := Hash(x_{myId}LP_{participant} |lp_{myId}y_{participant} | x_{myId}y_{participant})</math> # Triple DH | ||
<math>kc_{myId} := kc_{myId} | Hash(k_{myId,participant}, U_{participant})</math> | <math>kc_{myId} := kc_{myId} | Hash(k_{myId,participant}, U_{participant})</math> | ||
Line 153: | Line 153: | ||
<span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Broadcast</span>'''(":3mpCat:3KeyConfirmationAndShare:3", <math>myId</math>, <math>keyShare_{myId}</math>, <math>originAuthSignature</math>, <math>kc_{myId}</math>) | <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Broadcast</span>'''(":3mpCat:3KeyConfirmationAndShare:3", <math>myId</math>, <math>keyShare_{myId}</math>, <math>originAuthSignature</math>, <math>kc_{myId}</math>) | ||
{{algorithm-end}} | {{algorithm-end}} | ||
+ | |||
{{algorithm-begin|name=Update Session Key}} | {{algorithm-begin|name=Update Session Key}} | ||
Input: <math>keyShareList</math> | Input: <math>keyShareList</math> | ||
− | + | <math>i := myId</math> | |
− | '''for each''' <math>{j \in [i,...,i+n-1]}</math>, '''do''' | + | '''for each''' <math>{j \in [i,...,i+n-1]}</math>, '''do''' |
− | + | <math>z_{j,j+1} := z_{j-1,j} \oplus keyShareListe[j+1]</math> | |
− | + | # recovered <math>z_{i-1,i}</math> should be equal to its original value | |
− | + | '''global''' <math>sessionKey := Hash(z_{j,j+1} | j \in [1...n])</math> | |
{{algorithm-end}} | {{algorithm-end}} | ||
{{algorithm-begin|name=Sign Params Update Session Key}} | {{algorithm-begin|name=Sign Params Update Session Key}} | ||
− | Input: <math>toBeSigned</math>, <math>signatureList</math>, <math>keyShareList</math> | + | Input: <math>toBeSigned</math>, <math>signatureList</math>,<math>keyShareList</math> |
− | + | <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Update Session Key</span>'''() | |
− | + | <math>toBeSigned := Hash(sessionId, ||Hash(verifierList, ephemeralPublicPointList, keyShareList)))</math> | |
− | + | <math>signature_{myId} := </math><span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Sign Session and Send</span>'''(<math>toBeSigned</math>) | |
− | + | <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''Broadcast</span>'''(":3mpCat:3SignedSessionParameters:3",<math>signature_{myId}</math>) | |
{{algorithm-end}} | {{algorithm-end}} | ||
Line 175: | Line 176: | ||
{{algorithm-begin|name=ComputeSessionDigest}} | {{algorithm-begin|name=ComputeSessionDigest}} | ||
Input: <math>lastMessage</math> | Input: <math>lastMessage</math> | ||
− | '''for each''' <math>message</math> in Messages Received from <math>lastDigestedMessage</math>+1 till <math>lastMessage</math>, '''do''' | + | '''for each''' <math>message</math> in Messages Received from <math>lastDigestedMessage</math>+1 till <math>lastMessage</math>, '''do''' |
− | + | <math>sesionDigest := Hass(sessionDigest, message)</math> | |
− | + | <span style="font-family: serif; font-size: larger; font-variant:small-caps;">'''LRU Cache Store Digest</span>'''(<math>sessionDigest</math>, <math>message</math>) | |
− | + | '''return''' <math>sessionDigest</math>,<math>lastMessageId</math> | |
{{algorithm-end}} | {{algorithm-end}} | ||
Revision as of 20:38, 28 July 2014
Contents
Chatroom setup
Procedure Chatroom Init
Input: ,
global
global
global
global Generate Initial Paramters()
global
Procedure Verify Verifier Generate Init Key Input: , , , , Verify Verifiers() global Sign Session and Send()
Join
Procedure Join Input: , , global global Generate Initial Paramters() global Broadcast(":3mpCat:3Join:3", , , ) global Receive() global Compute Session Id(, , ) Sign and Send Key Confirmation and Shares() Wait On Receive(":3mpCat:3KeyConfirmationShare:3") global Receive() Verify Key Confirmations and Signatures(, ) Update Session Key()
Procedure Receive Session Digest Input: global
Protocol for other participants already in the chat to accept the newcomer
Procedure Accept Input: Broadcast(":3mpCat:3Join:3", , , ) Wait On Receive(":3mpCat:3Join:3") global , Receive() Update Lists(, ) global Compute Session Id(, , ) Sign and Send Key Confirmation and Shares() Wait On Receive(":3mpCat:3KeyConfirmationShare:3") global Receive() Verify Key Confirmations and Signatures(, ) Update Session Key() Send()
Farewell
Procedure Shrink on Leave Input: remove from global Compute Session Id() if , then Sign and Send Key Shares() Wait On Receive(":3mpCat:3KeyShare:3") := Receive() Update Session Key()
Procedure Sign and Send Key Shares Input: global global ED25519Sign(, || ) Broadcast(":3mpCat:3KeyShare:3", , , ) # we can send this encrypted but leaving person can read it, hence theoretically it is the same as sending it unencrypted.
Send
Procedure Send Input: , = NewKeyShareMessage() := AES CTR Encrypt(,) := ED25519Sign(, || ) := Compute Session Digest() Broadcast(":3mpCat:3", , , , ,":3")
Recieve
Procedure Receive Input: , , , ED25519VerifySignature(, , ) Assert() or return Reject AES CTR Decrypt(, ){} UpdateNewKeyStatus() Verify Digests() return{} # isMetaMessage is true if the message is purely meta message and there is nothing to display
Common functions used by other procedures in different stages
Procedure Generate Initial Paramters Input: RandomBits(256) Ed25519 Scalar()) #{This is both Diffie-Hellman secret and ephemeral signature private key} return
Procedure Verify Key Confirmation and Signatures Input: , for each , do if , then Halt() else if ED25519VerifySignature(, , ) = Fail , then Halt()
Procedure Compute Session Id Input: , return #
Procedure Verify Signatures Input: ,, # standard signature verification
Procedure Sign and Send Key Confirmation and Share Input: for each , do # Triple DH global global ED25519Sign(, || ) Broadcast(":3mpCat:3KeyConfirmationAndShare:3", , , , )
Procedure Update Session Key Input: for each , do # recovered should be equal to its original value global
Procedure Sign Params Update Session Key Input: , , Update Session Key() Sign Session and Send() Broadcast(":3mpCat:3SignedSessionParameters:3",)
Procedure ComputeSessionDigest
Input:
for each in Messages Received from +1 till , do
LRU Cache Store Digest(, )
return ,
Procedure NewKeyShareMessage Input: # Based on metaMessage Determines what type of keyshare needs to be send (Ephemeral point or Group key share) and returen it.
Procedure UpdateNewKeyStatus Input: # Update the table of which participant has sent its new ephemeral point or its new group key share
Procedure Hash
Input:
return SHA-512()