Difference between revisions of "MpOTR/algorithm dump"

Line 1: Line 1:
 
====Chatroom setup====
 
====Chatroom setup====
 
<!--alg_chat_setup-->
 
<!--alg_chat_setup-->
{{algorithm-begin|name=Chat Initiator Init}}
+
{{algorithm-begin|name=Chatroom Init}}
 
  Input: <math>newRoomName</math>, <math>participantNick</math>
 
  Input: <math>newRoomName</math>, <math>participantNick</math>
 
   Global <math>myId := 1</math>
 
   Global <math>myId := 1</math>
 
   Global <math>Nick_{myId} := participantNick</math>
 
   Global <math>Nick_{myId} := participantNick</math>
 
   Global <math>roomName := newRoomName</math>
 
   Global <math>roomName := newRoomName</math>
   Global <math>x_{myId}, y_{myId} :=</math> '''Call''' '''Generate Initial Paramters'''(<math>myId</math>)
+
   Global <math>x_{myId}, y_{myId} :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Generate Initial Paramters</span>'''(<math>myId</math>)
 
   Global <math>signatureKey_{myId} := (x_{myId},y_{myId})</math>
 
   Global <math>signatureKey_{myId} := (x_{myId},y_{myId})</math>
 
   <math>participantList := [Nick_{myId}]</math>
 
   <math>participantList := [Nick_{myId}]</math>
Line 14: Line 14:
  
 
{{algorithm-begin|name=Verify Verifier Generate Init Key}}
 
{{algorithm-begin|name=Verify Verifier Generate Init Key}}
  Input: <math>schnorrRandomPoint_{other</math>
+
  Input: <math>schnorrRandomPoint_{other}</math>, <math>Hv_{other}</math>, <math>v_{other}</math>, <math>y_{other}</math>, <math>Nick_{other}</math>
   '''Call''' '''Verify Verifiers'''()
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Verify Verifiers</span>'''()
   Global <math>sessionKey := SHA-512(x_{myId}y_{other}, sessionId)</math>
+
   Global <math>sessionKey := Hash(x_{myId}y_{other}, sessionId)</math>
   <math>toBeSigned := SHA-512(SHA-512(sessionId||SHA-512(y_1, v_1)||SHA-512(y_2,v_2)))</math>
+
   <math>toBeSigned := Hash(Hash(sessionId||Hash(y_1, v_1)||Hash(y_2,v_2)))</math>
   '''Call''' '''Sign Session and Send'''(<math>toBeSigned</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Sign Session and Send</span>'''(<math>toBeSigned</math>)
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 27: Line 27:
 
<!--alg_join-->
 
<!--alg_join-->
 
{{algorithm-begin|name=Join}}
 
{{algorithm-begin|name=Join}}
  Input: <math>newRoomName</math>, <math>Nickname_{myId</math>
+
  Input: <math>newRoomName</math>, <math>Nickname_{myId}</math>, <math>participantId</math>
 
   Global <math>myId := participantId</math>
 
   Global <math>myId := participantId</math>
 
   Global <math>roomName := newRoomName</math>
 
   Global <math>roomName := newRoomName</math>
   <math>x_{myId}, y_{myId} := </math>'''Call''' '''Generate Initial Paramters'''(Participant ID <math>myId</math>)
+
   <math>x_{myId}, y_{myId} := </math><span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Generate Initial Paramters</span>'''(Participant ID <math>myId</math>)
 
   Global <math>signatureKey_{myId} := (x_{myId},y_{myId})</math>
 
   Global <math>signatureKey_{myId} := (x_{myId},y_{myId})</math>
   '''Call''' '''Broadcast'''(``:3mpCat:3Join:3'', <math>myId</math>, <math>Nickname_{myId</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Broadcast</span>'''(":3mpCat:3Join:3", <math>myId</math>, <math>Nickname_{myId}</math>, <math>y_{myId}</math>)
   Global <math>participantList, ephemeralPublicPointList :=</math> '''Call''' '''Receive'''()
+
   Global <math>participantList, ephemeralPublicPointList :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Receive</span>'''()
   Global <math>sessionId := </math> '''Call''' '''Compute Session Id'''(<math>roomName</math>, <math>participantList</math>, <math>ephemeralPublicPointList</math>)
+
   Global <math>sessionId := </math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Compute Session Id</span>'''(<math>roomName</math>, <math>participantList</math>, <math>ephemeralPublicPointList</math>)
   '''Call''' '''Sign and Send Key Confirmation and Shares'''()
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Sign and Send Key Confirmation and Shares</span>'''()
   '''Call''' '''Wait On Receive'''(``:3mpCat:3KeyConfirmationShare:3'')
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Wait On Receive</span>'''(":3mpCat:3KeyConfirmationShare:3")
   Global <math>keyShareList, keyConfirmationList, signatureList :=</math> '''Call''' '''Receive'''()
+
   Global <math>keyShareList, keyConfirmationList, signatureList :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Receive</span>'''()
   '''Call''' '''Verify Key Confirmations and Signatures'''(<math>keyConfirmationList</math>, <math>signatureList</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Verify Key Confirmations and Signatures</span>'''(<math>keyConfirmationList</math>, <math>signatureList</math>)
   '''Call''' '''Update Session Key'''()
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Update Session Key</span>'''()
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 55: Line 55:
 
{{algorithm-begin|name=Accept}}
 
{{algorithm-begin|name=Accept}}
 
  Input: newParticipant
 
  Input: newParticipant
   '''Call''' '''Broadcast'''(``:3mpCat:3Join:3'', <math>myId</math>, <math>Nickname_{myId</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Broadcast</span>'''(":3mpCat:3Join:3", <math>myId</math>, <math>Nickname_{myId}</math>, <math>y_{myId}</math>)
   '''Call''' '''Wait On Receive'''(``:3mpCat:3Join:3'')
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Wait On Receive</span>'''(":3mpCat:3Join:3")
   Global <math>nick_{NewParticipant}</math>, <math>ephemeralPublicPoint_{NewParticipant} := </math> '''Call''' '''Receive'''()
+
   Global <math>nick_{NewParticipant}</math>, <math>ephemeralPublicPoint_{NewParticipant} := </math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Receive</span>'''()
   '''Call''' '''Update Lists'''(<math>nick_{NewParticipant</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Update Lists</span>'''(<math>nick_{NewParticipant}</math>, <math>ephemeralPublicPoint_{NewParticipant}</math>)
   Global <math>sessionId := </math> '''Call''' '''Compute Session Id'''(<math>roomName</math>, <math>participantList</math>, <math>ephemeralPublicPointList</math>)
+
   Global <math>sessionId := </math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Compute Session Id</span>'''(<math>roomName</math>, <math>participantList</math>, <math>ephemeralPublicPointList</math>)
   '''Call''' '''Sign and Send Key Confirmation and Shares'''()
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Sign and Send Key Confirmation and Shares</span>'''()
   '''Call''' '''Wait On Receive'''(``:3mpCat:3KeyConfirmationShare:3'')
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Wait On Receive</span>'''(":3mpCat:3KeyConfirmationShare:3")
   Global <math>keyShareList, keyConfirmationList, signatureList :=</math> '''Call''' '''Receive'''()
+
   Global <math>keyShareList, keyConfirmationList, signatureList :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Receive</span>'''()
   '''Call''' '''Verify Key Confirmations and Signatures'''(<math>keyConfirmationList</math>, <math>signatureList</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Verify Key Confirmations and Signatures</span>'''(<math>keyConfirmationList</math>, <math>signatureList</math>)
   '''Call''' '''Update Session Key'''()
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Update Session Key</span>'''()
   '''Call''' '''Send'''(<math>sessionDigest</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Send</span>'''(<math>sessionDigest</math>)
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 74: Line 74:
 
  Input: <math>leaverId</math>
 
  Input: <math>leaverId</math>
 
   Remove <math>leaverId</math> from <math>participantIdList</math>
 
   Remove <math>leaverId</math> from <math>participantIdList</math>
   Global <math>sessionId :=</math> '''Call''' '''Compute Session Id'''()
+
   Global <math>sessionId :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Compute Session Id</span>'''()
   \If{<math>|participantList| > 1</math>}
+
   '''If'''<math>|participantList| > 1</math>''', then'''
  '''Call''' '''Sign and Send Key Shares'''()
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Sign and Send Key Shares</span>'''()
   '''Call''' '''Wait On Receive'''(``:3mpCat:3KeyShare:3'')
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Wait On Receive</span>'''(":3mpCat:3KeyShare:3")
 
   <math>keyShareList</math> := Receive{}
 
   <math>keyShareList</math> := Receive{}
   '''Call''' '''Update Session Key'''(<math>keyShareList</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Update Session Key</span>'''(<math>keyShareList</math>)
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 85: Line 85:
 
{{algorithm-begin|name=Sign and Send Key Shares}}
 
{{algorithm-begin|name=Sign and Send Key Shares}}
 
  Input:  
 
  Input:  
   Global <math>z_{myId -1, myId} := SHA-512(k_{myId,myId-1}, sessionId)</math>
+
   Global <math>z_{myId -1, myId} := Hash(k_{myId,myId-1}, sessionId)</math>
   Global <math>z_{myId, myId+1} := SHA-512(k_{myId,myId+1}, sessionId)</math>
+
   Global <math>z_{myId, myId+1} := Hash(k_{myId,myId+1}, sessionId)</math>
 
   <math>keyShare_{myId} := z_{myId -1, myId} \oplus z_{myId, myId+1}</math>
 
   <math>keyShare_{myId} := z_{myId -1, myId} \oplus z_{myId, myId+1}</math>
   <math>originAuthSignature :=</math> '''Call''' '''ED25519Sign'''(<math>SignatureKey</math>, <math>sessionId</math> || <math>z_{myId</math>)
+
   <math>originAuthSignature :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''ED25519Sign</span>'''(<math>SignatureKey</math>, <math>sessionId</math> || <math>z_{myId}</math>)
   '''Call''' '''Broadcast'''(``:3mpCat:3KeyShare:3'', <math>myId</math>, <math>keyShare_{myId</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Broadcast</span>'''(":3mpCat:3KeyShare:3", <math>myId</math>, <math>keyShare_{myId}</math>, <math>originAuthSignature</math>)
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 96: Line 96:
 
<!--alg_send-->
 
<!--alg_send-->
 
{{algorithm-begin|name=Send}}
 
{{algorithm-begin|name=Send}}
  Input: Message
+
  Input: Message}{MetaMessage, message
  <math>keyShareMessage</math> = '''Call''' '''NewKeyShareMessage'''(MetaMessage)
+
  <math>keyShareMessage</math> = <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''NewKeyShareMessage</span>'''(MetaMessage)
  <math>cryptMessage</math> := '''Call''' '''AES CTR Encrypt'''(<math>sessionKey</math>,<math>message | keyShareMessage</math>)
+
  <math>cryptMessage</math> := <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''AES CTR Encrypt</span>'''(<math>sessionKey</math>,<math>message | keyShareMessage</math>)
  <math>originAuthSignature</math> := '''Call''' '''ED25519Sign'''(<math>SignatureKey</math>, <math>sessionId</math> || <math>cryptMetatMessage</math>)
+
  <math>originAuthSignature</math> := <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''ED25519Sign</span>'''(<math>SignatureKey</math>, <math>sessionId</math> || <math>cryptMetatMessage</math>)
  <math>sessionDigest</math> := '''Call''' '''Compute Session Digest'''(<math>lastMessage</math>)
+
  <math>sessionDigest</math> := <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Compute Session Digest</span>'''(<math>lastMessage</math>)
  '''Call''' '''Broadcast'''(``:3mpCat:3'', <math>sessionId</math>, <math>cryptMessage</math>, <math>sessionDigest</math>, <math>originAuthSignature</math>,``:3'')
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Broadcast</span>'''(":3mpCat:3", <math>sessionId</math>, <math>cryptMessage</math>, <math>sessionDigest</math>, <math>originAuthSignature</math>,":3")
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 109: Line 109:
 
{{algorithm-begin|name=Receive}}
 
{{algorithm-begin|name=Receive}}
 
  Input: <math>sender</math>, <math>encryptedMessage</math>, <math>originAuthSignature</math>, <math>sessionDigest</math>
 
  Input: <math>sender</math>, <math>encryptedMessage</math>, <math>originAuthSignature</math>, <math>sessionDigest</math>
  <math>v := </math> '''Call''' '''ED25519VerifySignature'''(<math>ephemeralPublicKeyList[Sender]</math>, <math>sessionId || encryptedMessage</math>, <math>originAuthSignature</math>)
+
  <math>v := </math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''ED25519VerifySignature</span>'''(<math>ephemeralPublicKeyList[Sender]</math>, <math>sessionId || encryptedMessage</math>, <math>originAuthSignature</math>)
  '''Call''' '''Assert'''(<math>v</math>)
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Assert</span>'''(<math>v</math>)
  <math>message, keyShareMessage :=</math> '''Call''' '''AES CTR Decrypt'''(<math>sessionKey</math>, <math>encryptedMessage</math>)
+
  <math>message, keyShareMessage :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''AES CTR Decrypt</span>'''(<math>sessionKey</math>, <math>encryptedMessage</math>)
  <math>isMetaMessage = </math>'''Call''' '''UpdateNewKeyStatus'''(<math>keyShareMessage</math>)
+
  <math>isMetaMessage = </math><span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''UpdateNewKeyStatus</span>'''(<math>keyShareMessage</math>)
  '''Call''' '''Verify Digests'''(<math>sessionDiges</math>)
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Verify Digests</span>'''(<math>sessionDiges</math>)
 
  '''Return'''{<math>isMetaMessage, message</math>}
 
  '''Return'''{<math>isMetaMessage, message</math>}
 
{{algorithm-end}}
 
{{algorithm-end}}
Line 128: Line 128:
 
{{algorithm-begin|name=Generate Initial Paramters}}
 
{{algorithm-begin|name=Generate Initial Paramters}}
 
  Input: <math>myId</math>
 
  Input: <math>myId</math>
   <math>signaturePrivateKey := </math> '''Call''' '''RandomBits'''(256)
+
   <math>signaturePrivateKey := </math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''RandomBits</span>'''(256)
   <math>x_{myId} :=</math> '''Call''' '''Ed25519 Scalar'''(<math>signaturePrivateKey</math>))
+
   <math>x_{myId} :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Ed25519 Scalar</span>'''(<math>signaturePrivateKey</math>))
 
   <math>y_{myId} := x_{myId}P</math>
 
   <math>y_{myId} := x_{myId}P</math>
 
   '''Return''' <math>x,y</math>
 
   '''Return''' <math>x,y</math>
Line 138: Line 138:
 
  Input: <math>signatureList</math>, <math>keyConfirmationList</math>
 
  Input: <math>signatureList</math>, <math>keyConfirmationList</math>
 
   '''For each''' <math>participant \in participantList</math>}, '''do'''
 
   '''For each''' <math>participant \in participantList</math>}, '''do'''
     \If{<math>keyConfirmationList[participant][myId] \neq SHA-512(k_{myId,participant}, U_{myId})</math>}
+
     \If{<math>keyConfirmationList[participant][myId] \neq Hash(k_{myId,participant}, U_{myId})</math>}
       '''Call''' '''Halt'''()
+
       <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Halt</span>'''()
       ' \If{'''Call''' '''ED25519VerifySignature'''(<math>ephemeralPublicKeyList[particicpant]</math>, <math>sessionId ||keyShares[myId]</math>, <math>originAuthSignature</math>)'
+
       ' \If{<span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''ED25519VerifySignature</span>'''(<math>ephemeralPublicKeyList[particicpant]</math>, <math>sessionId ||keyShares[myId]</math>, <math>originAuthSignature</math>)'
       '''Call''' '''Halt'''()
+
       <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Halt</span>'''()
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 147: Line 147:
 
{{algorithm-begin|name=Compute Session Id}}
 
{{algorithm-begin|name=Compute Session Id}}
 
  Input: <math>participantList</math>, <math>ephemeralPublicPointList</math>
 
  Input: <math>participantList</math>, <math>ephemeralPublicPointList</math>
   '''Return''' <math>SHA-512(roomeName, zip(participantList, ephemeralPublicPointList))</math> # <math>zip([a,b],[c,d]):=[(a,c),(b,d)]</math>
+
   '''Return''' <math>Hash(roomeName, zip(participantList, ephemeralPublicPointList))</math> # <math>zip([a,b],[c,d]):=[(a,c),(b,d)]</math>
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 163: Line 163:
  
  
   Global <math>z_{myId -1, myId} := SHA-512(k_{myId,myId-1}, sessionId)</math>
+
   Global <math>z_{myId -1, myId} := Hash(k_{myId,myId-1}, sessionId)</math>
   Global <math>z_{myId, myId+1} := SHA-512(k_{myId,myId+1}, sessionId)</math>
+
   Global <math>z_{myId, myId+1} := Hash(k_{myId,myId+1}, sessionId)</math>
 
   <math>keyShare_{myId} := z_{myId -1, myId} \oplus z_{myId, myId+1}</math>
 
   <math>keyShare_{myId} := z_{myId -1, myId} \oplus z_{myId, myId+1}</math>
  
  
     <math>originAuthSignature :=</math> '''Call''' '''ED25519Sign'''(<math>SignatureKey</math>, <math>sessionId</math> || <math>z_{myId</math>)
+
     <math>originAuthSignature :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''ED25519Sign</span>'''(<math>SignatureKey</math>, <math>sessionId</math> || <math>z_{myId}</math>)
   '''Call''' '''Broadcast'''(``:3mpCat:3KeyConfirmationAndShare:3'', <math>myId</math>, <math>keyShare_{myId</math>)
+
   <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Broadcast</span>'''(":3mpCat:3KeyConfirmationAndShare:3", <math>myId</math>, <math>keyShare_{myId}</math>, <math>originAuthSignature</math>, <math>kc_{myId}</math>)
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 179: Line 179:
 
   <math>z_{j,j+1} := z_{j-1,j} \oplus keyShareListe[j+1]</math>
 
   <math>z_{j,j+1} := z_{j-1,j} \oplus keyShareListe[j+1]</math>
 
  # recovered <math>z_{i-1,i}</math> should be equal to its original value
 
  # recovered <math>z_{i-1,i}</math> should be equal to its original value
  Global <math>sessionKey := SHA-512(z_{j,j+1} | j \in [1...n])</math>
+
  Global <math>sessionKey := Hash(z_{j,j+1} | j \in [1...n])</math>
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 185: Line 185:
 
{{algorithm-begin|name=Sign Params Update Session Key}}
 
{{algorithm-begin|name=Sign Params Update Session Key}}
 
  Input: <math>toBeSigned</math>, <math>signatureList</math>, <math>keyShareList</math>
 
  Input: <math>toBeSigned</math>, <math>signatureList</math>, <math>keyShareList</math>
  '''Call''' '''Update Session Key'''()
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Update Session Key</span>'''()
  <math>toBeSigned := SHA-512(sessionId, ||SHA-512(verifierList, ephemeralPublicPointList, keyShareList)))</math>
+
  <math>toBeSigned := Hash(sessionId, ||Hash(verifierList, ephemeralPublicPointList, keyShareList)))</math>
  <math>signature_{myId} := </math>'''Call''' '''Sign Session and Send'''(<math>toBeSigned</math>)
+
  <math>signature_{myId} := </math><span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Sign Session and Send</span>'''(<math>toBeSigned</math>)
  '''Call''' '''Broadcast'''(``:3mpCat:3SignedSessionParameters:3'',<math>signature_{myId</math>)
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Broadcast</span>'''(":3mpCat:3SignedSessionParameters:3",<math>signature_{myId}</math>)
 
{{algorithm-end}}
 
{{algorithm-end}}
  
Line 195: Line 195:
 
  Input: <math>lastMessage</math>
 
  Input: <math>lastMessage</math>
 
'''For each''' <math>message</math> in Messages Received from <math>lastDigestedMessage</math>+1 till <math>lastMessage</math>}, '''do'''
 
'''For each''' <math>message</math> in Messages Received from <math>lastDigestedMessage</math>+1 till <math>lastMessage</math>}, '''do'''
  <math>sesionDigest :=</math> '''Call''' '''SHA-512'''(<math>sessionDigest</math>, <math>message</math>)
+
  <math>sesionDigest :=</math> <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''Hash</span>'''(<math>sessionDigest</math>, <math>message</math>)
  '''Call''' '''LRU Cache Store Digest'''(<math>sessionDigest</math>, <math>message</math>)
+
  <span style="font-family: serif; font-size: larger; font-variant:small-caps;"> '''LRU Cache Store Digest</span>'''(<math>sessionDigest</math>, <math>message</math>)
 
  '''Return''' <math>sessionDigest</math>,<math>lastMessageId</math>
 
  '''Return''' <math>sessionDigest</math>,<math>lastMessageId</math>
 
{{algorithm-end}}
 
{{algorithm-end}}
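Review bot: In the "Line 138" hunk (Verify Key Confirmations and Signatures) the rewritten signature check calls Halt when ED25519VerifySignature succeeds, since the condition carries no negation, so as written a valid signature aborts the session and an invalid one is accepted. The line should read along the lines of `'''If not''' ED25519VerifySignature(ephemeralPublicKeyList[participant], sessionId || keyShares[participant], signatureList[participant])''', then'''`; the per-participant indices are my reading of the `signatureList` input, which the body otherwise never uses, and should be confirmed. The signed data also needs to agree with the sender: Sign and Send Key Shares (the "Line 85" hunk) signs `sessionId || z_{myId}`, a value that is never defined, while only `keyShare_{myId}` is broadcast. The procedure's `algorithm-begin` line lies outside this hunk, and the `\If{` residue and stray quotes on the changed line still need converting to the `'''If''' … ''', then'''` form used in the "Line 74" hunk.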

Revision as of 18:56, 28 July 2014

Chatroom setup

Procedure Chatroom Init
Input: newRoomName, participantNick
  Global myId:=1
  Global Nick_{{myId}}:=participantNick
  Global roomName:=newRoomName
  Global x_{{myId}},y_{{myId}}:=  Generate Initial Paramters(myId)
  Global signatureKey_{{myId}}:=(x_{{myId}},y_{{myId}})
  participantList:=[Nick_{{myId}}]
  ephemeralPublicPointList:=[y_{{myId}},y_{{other}}]


Procedure Verify Verifier Generate Init Key
Input: schnorrRandomPoint_{{other}}, Hv_{{other}}, v_{{other}}, y_{{other}}, Nick_{{other}}
   Verify Verifiers()
  Global sessionKey:=Hash(x_{{myId}}y_{{other}},sessionId)
  toBeSigned:=Hash(Hash(sessionId||Hash(y_{1},v_{1})||Hash(y_{2},v_{2})))
   Sign Session and Send(toBeSigned)



Join

Procedure Join
Input: newRoomName, Nickname_{{myId}}, participantId
  Global myId:=participantId
  Global roomName:=newRoomName
  x_{{myId}},y_{{myId}}:= Generate Initial Paramters(Participant ID myId)
  Global signatureKey_{{myId}}:=(x_{{myId}},y_{{myId}})
   Broadcast(":3mpCat:3Join:3", myId, Nickname_{{myId}}, y_{{myId}})
  Global participantList,ephemeralPublicPointList:=  Receive()
  Global sessionId:=  Compute Session Id(roomName, participantList, ephemeralPublicPointList)
   Sign and Send Key Confirmation and Shares()
   Wait On Receive(":3mpCat:3KeyConfirmationShare:3")
  Global keyShareList,keyConfirmationList,signatureList:=  Receive()
   Verify Key Confirmations and Signatures(keyConfirmationList, signatureList)
   Update Session Key()


Procedure Receive Session Digest
Input: currentSessionHistoryDigest
  Global sessionDigest:=currentSessionHistoryDigest



Protocol for other participants already in the chat to accept the newcomer

Procedure Accept
Input: newParticipant
   Broadcast(":3mpCat:3Join:3", myId, Nickname_{{myId}}, y_{{myId}})
   Wait On Receive(":3mpCat:3Join:3")
  Global nick_{{NewParticipant}}, ephemeralPublicPoint_{{NewParticipant}}:=  Receive()
   Update Lists(nick_{{NewParticipant}}, ephemeralPublicPoint_{{NewParticipant}})
  Global sessionId:=  Compute Session Id(roomName, participantList, ephemeralPublicPointList)
   Sign and Send Key Confirmation and Shares()
   Wait On Receive(":3mpCat:3KeyConfirmationShare:3")
  Global keyShareList,keyConfirmationList,signatureList:=  Receive()
   Verify Key Confirmations and Signatures(keyConfirmationList, signatureList)
   Update Session Key()
   Send(sessionDigest)


Farewell

Procedure Shrink on Leave
Input: leaverId
  Remove leaverId from participantIdList
  Global sessionId:=  Compute Session Id()
 If |participantList| > 1, then
   Sign and Send Key Shares()
   Wait On Receive(":3mpCat:3KeyShare:3")
  keyShareList := Receive()
   Update Session Key(keyShareList)


Procedure Sign and Send Key Shares
Input: 
  Global z_{{myId-1,myId}}:=Hash(k_{{myId,myId-1}},sessionId)
  Global z_{{myId,myId+1}}:=Hash(k_{{myId,myId+1}},sessionId)
  keyShare_{{myId}}:=z_{{myId-1,myId}}\oplus z_{{myId,myId+1}}
  originAuthSignature:=  ED25519Sign(SignatureKey, sessionId || z_{{myId}})
   Broadcast(":3mpCat:3KeyShare:3", myId, keyShare_{{myId}}, originAuthSignature)


Send

Procedure Send
Input: MetaMessage, message
keyShareMessage =  NewKeyShareMessage(MetaMessage)
cryptMessage :=  AES CTR Encrypt(sessionKey,message|keyShareMessage)
originAuthSignature :=  ED25519Sign(SignatureKey, sessionId || cryptMetatMessage)
sessionDigest :=  Compute Session Digest(lastMessage)
 Broadcast(":3mpCat:3", sessionId, cryptMessage, sessionDigest, originAuthSignature,":3")


Receive

Procedure Receive
Input: sender, encryptedMessage, originAuthSignature, sessionDigest
v:=  ED25519VerifySignature(ephemeralPublicKeyList[Sender], sessionId||encryptedMessage, originAuthSignature)
 Assert(v)
message,keyShareMessage:=  AES CTR Decrypt(sessionKey, encryptedMessage)
isMetaMessage= UpdateNewKeyStatus(keyShareMessage)
 Verify Digests(sessionDigest)
Return isMetaMessage, message


Common functions


Common functions used by other procedures in different stages

Procedure Generate Initial Paramters
Input: myId
  signaturePrivateKey:=  RandomBits(256)
  x_{{myId}}:=  Ed25519 Scalar(signaturePrivateKey)
  y_{{myId}}:=x_{{myId}}P
 Return x,y


Procedure Verify Key Confirmation and Signatures
Input: signatureList, keyConfirmationList
  For each participant \in participantList, do
    If keyConfirmationList[participant][myId] \neq Hash(k_{{myId,participant}},U_{{myId}}), then
       Halt()
     ' \If{ ED25519VerifySignature(ephemeralPublicKeyList[particicpant], sessionId||keyShares[myId], originAuthSignature)'
       Halt()


Procedure Compute Session Id
Input: participantList, ephemeralPublicPointList
  Return Hash(roomName,zip(participantList,ephemeralPublicPointList)) # zip([a,b],[c,d]):=[(a,c),(b,d)]


Procedure Verify Signatures
Input: longPublicList,schnorrRandomPointList, 


Procedure Sign and Send Key Confirmation and Share
Input: schnorrRandomPointList
For each participant\in participantList, do
    k_{{myId,participant}}:=H(g^{{lp_{{myId}}}}LP_{{participant}}y_{{participant}}^{{x_{{myId}}}}) # Triple DH
    kc_{{myId}}:=kc_{{myId}}|H(k_{{myId,participant}},U_{{participant}})


  Global z_{{myId-1,myId}}:=Hash(k_{{myId,myId-1}},sessionId)
  Global z_{{myId,myId+1}}:=Hash(k_{{myId,myId+1}},sessionId)
  keyShare_{{myId}}:=z_{{myId-1,myId}}\oplus z_{{myId,myId+1}}


    originAuthSignature:=  ED25519Sign(SignatureKey, sessionId || z_{{myId}})
   Broadcast(":3mpCat:3KeyConfirmationAndShare:3", myId, keyShare_{{myId}}, originAuthSignature, kc_{{myId}})


Procedure Update Session Key
Input: keyShareList
i:=myId

For each j \in [i,...,i+n-1], do

  z_{{j,j+1}}:=z_{{j-1,j}}\oplus keyShareList[j+1]
# recovered z_{{i-1,i}} should be equal to its original value
Global sessionKey:=Hash(z_{{j,j+1}}|j\in [1...n])


Procedure Sign Params Update Session Key
Input: toBeSigned, signatureList, keyShareList
 Update Session Key()
toBeSigned:=Hash(sessionId,||Hash(verifierList,ephemeralPublicPointList,keyShareList)))
signature_{{myId}}:= Sign Session and Send(toBeSigned)
 Broadcast(":3mpCat:3SignedSessionParameters:3",signature_{{myId}})


Procedure ComputeSessionDigest
Input: lastMessage

For each message in Messages Received from lastDigestedMessage+1 till lastMessage, do

sessionDigest:=  Hash(sessionDigest, message)
 LRU Cache Store Digest(sessionDigest, message)
Return sessionDigest,lastMessageId