learn.equalit.ie

Revision as of 06:42, 11 September 2014

Join

Description	Pseudo-code
Generate ephemeral DH private key	$x_{i}\leftarrow [0,order(g)]$
Generate DH key for BD, Triple DH and Signature	$y_{i}\leftarrow g^{{x_{i}}}$
Broadcast User identity and the DH key	$(U_{i},y_{i})$
Receive other users' id/key	$plist_{i}\|klist_{i}\leftarrow (U_{1}\|y_{1}\|\dots \|U_{n}\|y_{n})\cup (U_{i},y_{i})$
Compute Session Id	$sid_{i}\leftarrow H(U_{1}\|y_{1}\|\dots \|U_{n}\|y_{n})$
Generate Triple Diffie-Hellman P2P keys	$k_{{i,j}}\leftarrow H({y_{j}}^{{lp_{i}}},LP_{j}^{{x_{i}}},y_{j}^{{x_{i}}})$ }}
Generate key confirmations	$kc_{i}\leftarrow (H(k_{{i,1}},U_{1}),\dots ,H(k_{{i,n}},U_{n}))$ }}
Generate secret shares	$z'_{{i,l}}\leftarrow H(k_{{i,i-1}},sid_{i}),z'_{{i,r}}\leftarrow H(k_{{i,i+1}},sid_{i})$
Generate public shares	$z_{i}\leftarrow z'_{{i,l}}\oplus z'_{{i,r}}$
Sign identity, shares	$\sigma _{i}\leftarrow Sign_{{x_{i}}}(U_{i},z_{i},sid)$
Broadcast key shares and confirmation	$(U_{i},z_{i},\sigma _{i},kc_{i})$
Receive other users' key shares and confirmation	$(U_{1}\|z_{1},\sigma _{1},kc_{{1i}},\dots U_{n}\|z_{n},\sigma _{n},kc_{{ni}})$
Check validity of key confirmation	$kc_{i}[j]==H(k_{{j,i}},U_{j}){\textrm {for}}j\in \{1,\dots ,n\}$
Check public shares	$z_{1}\oplus \dots \oplus z_{n}==0$
Check signatures	$verify_{{y_{i}}}(\sigma _{j}){\textrm {for}}j\in \{1,\dots ,n\}$
Recover secret shares	$z'_{{j,r}}\leftarrow z'_{{j-1,r}}\oplus z_{j}$
Generate session key	$k_{i}\leftarrow H(z'_{{1,r}}\dots z'_{{n,r}},sid_{i})$
Broadcast session key confirmation	$k_{i}\leftarrow H(k_{i},sid_{i},U_{i})$

Accept

Description	Pseudo-code
broadcast all user's identities	$(U_{1}\|y_{1}\|\dots \|U_{n}\|y_{n})$
Receive other users' id/key and update participant list	$(plist_{i}\|klist_{i})\cup (U_{j}\|y_{j})$
Compute Session Id	$sid_{i}\leftarrow H(U_{1}\|y_{1}\|\dots \|U_{n}\|y_{n})$
Generate Triple Diffie-Hellman P2P key for the new participant	$k_{{i,j}}\leftarrow H({y_{j}}^{{lp_{i}}},LP_{j}^{{x_{i}}},y_{j}^{{x_{i}}})$
Generate key confirmations	$kc_{{i,j}}\leftarrow H(k_{{i,j}},U_{i})$
Generate secret shares	$z'_{{i,l}}\leftarrow H(k_{{i,i-1}},sid_{i}),z'_{{i,r}}\leftarrow H(k_{{i,i+1}},sid_{i})$
Generate public shares	$z_{i}\leftarrow z'_{{i,l}}\oplus z'_{{i,r}}$
Sign identity, shares	$\sigma _{i}\leftarrow Sign_{{x_{i}}}(U_{i},z_{i},sid)$
Broadcast key shares and confirmation	$(U_{i},z_{i},\sigma _{i},kc_{i})$
Receive other users' key shares and new users confirmation	$(U_{1}\|z_{1},\sigma _{1},\dots U_{n}\|z_{n},\sigma _{n}),kc_{{i,j}}$
Check validity of key confirmation	$kc_{{j,i}}==H(k_{{i,j}},U_{j})$
Check public shares	$z_{1}\oplus \dots \oplus z_{n}==0$
Check signatures	$verify_{{y_{i}}}(\sigma _{j}){\textrm {for}}j\in \{1,\dots ,n\}$
Recover secret shares	$z'_{{j,r}}\leftarrow z'_{{j-1,r}}\oplus z_{j}$
Generate session key	$k_{i}\leftarrow H(z'_{{1,r}}\dots z'_{{n,r}},sid_{i})$
Broadcast session key confirmation	$k_{i}\leftarrow H(k_{i},sid_{i},U_{i})$

Leave

Description	Pseudo-code
Remove leaving user's id/key and update participant list	$(plist_{i}\|klist_{i})\backslash (U_{j}\|y_{j})$
Compute Session Id	$sid_{i}\leftarrow H(U_{1}\|y_{1}\|\dots \|U_{n}\|y_{n})$
Generate secret shares	$z'_{{i,l}}\leftarrow H(k_{{i,i-1}},sid_{i}),z'_{{i,r}}\leftarrow H(k_{{i,i+1}},sid_{i})$
Generate public shares	$z_{i}\leftarrow z'_{{i,l}}\oplus z'_{{i,r}}$
Sign identity, shares	$\sigma _{i}\leftarrow Sign_{{x_{i}}}(U_{i},z_{i},sid)$
Broadcast key shares	$(U_{i},z_{i},\sigma _{i})$
Receive other users' key shares	$(U_{1}\|z_{1},\sigma _{1},\dots U_{n}\|z_{n},\sigma _{n})$
Check public shares	$z_{1}\oplus \dots \oplus z_{n}==0$
Check signatures	$verify_{{y_{i}}}(\sigma _{j}){\textrm {for}}j\in \{1,\dots ,n\}$
Recover secret shares	$z'_{{j,r}}\leftarrow z'_{{j-1,r}}\oplus z_{j}$
Generate session key	$k_{i}\leftarrow H(z'_{{1,r}}\dots z'_{{n,r}},sid_{i})$
Broadcast session key confirmation	$skc_{i}\leftarrow H(k_{i},sid_{i},U_{i})$

Send

Description	Pseudo-code
Generate new DH Key or new key share if needed and append	$m\leftarrow (sid,s,m)$
Append the hash of the session digest up to parent of current message	$m\leftarrow (m,Digest(parnet(m)),parent\_id)$
Sign the message	$\sigma \leftarrow Sign_{{x_{i}}}(m)$
Encrypt	Failed to parse (PNG conversion failed; check for correct installation of latex and dvipng (or dvips + gs + convert)): e\leftarrow Enc_{k}_{{sid}}(m)
Broadcast the message	$(sid_{i},e,\sigma )$

Receive

Description	Pseudo-code
check signature	$verify(m)==(m,\sigma )$
decrypt messagen	$sid_{{rec}},s,m,h,parent\_id\leftarrow Dec_{k}(m)$
Verify session id and hash	Failed to parse (syntax error): \sigma \leftarrow sid_i == sid_{rec} & h == Digest(parent\_id)
Update key share or session key	$(y_{j},z_{{ji}})$
return m	$m$

@@ Line 137: / Line 137: @@
 |-
 |align="right"| Remove leaving user's id/key and update participant list
-|align="center"|<math>plist_i|klist_i \textrm{remove} (U_j|y_j)</math>
+|align="center"|<math>(plist_i|klist_i) \backslash (U_j|y_j)</math>
 |-
 |align="right"|Compute Session Id
 |align="center"|<math>sid_i \leftarrow H(U_1|y_1|\dots|U_n|y_n)</math>
-|-
-|align="right"|Generate key confirmations
-|align="center"|<math>kc_i \leftarrow (H(k_{i,j}, U_j)</math>
 |-
 |align="right"|Generate secret shares
@@ Line 155: / Line 152: @@
 |-
 |align="right"|Broadcast key shares
-|align="center"|<math>(U_i, z_i, \sigma_i,>kc_i</math>}}<math>)</math>
+|align="center"|<math>(U_i, z_i, \sigma_i)</math>
 |-
 |align="right"| Receive other users' key shares
-|align="center"|<math>(U_1|z_1,\sigma_1,\dots U_n|z_n,\sigma_n)
+|align="center"|<math>(U_1|z_1,\sigma_1,\dots U_n|z_n,\sigma_n)</math>
-|-
-|align="right"|Check validity of key confirmation
-|align="center"|<math>kc_i[j] == kc_j[i]</math>
 |-
 |align="right"|Check public shares
@@ Line 178: / Line 172: @@
 |align="center"|<math>skc_i \leftarrow H(k_i, sid_i, U_i)</math>
 |}
 ==Send==

learn.equalit.ie

Difference between revisions of "Np1sec/algebraic"

Revision as of 06:42, 11 September 2014

Contents

Chatroom Setup

Join

Accept

Leave

Send

Receive

Search

Personal tools

Tools

Description	Pseudo-code
Generate ephemeral DH private key of the room initiator	$x_{i}\leftarrow [0,order(g)]$
Generate DH key for BD, Triple DH and Signature	$y_{i}\leftarrow g^{{x_{i}}}$
Set participant list	$plist\leftarrow [U_{i}]$