Changes

Np1sec

1,676 bytes removed, 9 years ago
more math fixes
{| border="1" cellspacing="0" cellpadding="5" align="center"
!align="center"|Round
!align="center"|Step
!align="right"|Description
!align="center"|Type
|-
|align="center"| Round 1
|align="center"|1
|align="right"|Generate ephemeral DH private key
|align="center"|Broadcast
|-
|align="center"| Round 2
|align="center"|4
|align="right" |Receive other party id and ephemeral DH public key
|}
===''GroupEnc'' and ''GroupDec'' functions===
For the high level design of the protocol we do not specify the primitives for ''GroupEnc'' and ''GroupDec'' used in steps '''XX''' and '''XX''' as part of the protocol, as we do not specifies the Hash function and the block cipher. We explain their property here. We choose a candidate in section IX.4.
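Review bot: The ''GroupEnc''/''GroupDec'' paragraph still refers to steps '''XX''' and '''XX''', so a reader cannot tell which protocol steps rely on these primitives. Replace the placeholders with the actual step numbers from the tables, and fix "we do not specifies" to "we do not specify" while touching this line.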
|-
|align="right"| Initiate the last_sender_seq_num array
|align="center"|<math>last_sender_seq_num last\_sender\_seq\_num \leftarrow (0,...,0)</math>
|align="center"|Computation
|-
|align="right"| Initiate the own_seq_num to 0
|align="center"|<math>own_seq_num own\_seq\_num \leftarrow 0 </math>
|align="center"|Computation
|}
meta message contains a message has the following format
meta_only flag , ustate_1, ..., ustate_n, current_load
If meta_only flag is true then User message is ignored and client is informed not display anything
<math>ustate_i </math> flag = \{0: sender has no key update from <math>U_i<\math>, :1 : sender has received a new ephemeral key from <math>U_i</math>, :2 : user has received secret share from <math>U_i}<\math>}
current_load = (load_flag, load)
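Review bot: In the ustate_i definition the math closers are written <\math> instead of </math> (twice), and the set brace opens with \{ outside any math element but closes inside one, so the three flag values 0, 1 and 2 will not render as a set. Since this change is about math fixes, put the whole definition inside one well-formed math element or write it as a plain list. The first line, "meta message contains a message has the following format", also needs rewording.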
|-
|align="right"| Increment own sequence number
|align="center"|<math> own_seq_num own\_seq\_num \leftarrow own_seq_numown\_seq\_num+1 </math>
|align="center"|Computation
|-
|align="right"| Append the hash of the TranscriptChain, up to the parent of the message being sent
|align="center"|<math> m \leftarrow (m, H(H(parent(m)), H(TransciptChain^S_i[parent(m)-1])), parent\_id(m), own_seq_numown\_seq\_num) </math>
|align="center"|Computation
|-
|-
|align="right"|Set ACK timeout timer if the message has user content
|align="center"|<math>meta_only meta\_only \stackrel{?}=</math> False then ResetHeartbeatTimer()
|align="center"|Computation
|}
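Review bot: In the last row of this table the description says to set the ACK timeout timer when the message has user content, but the formula cell calls ResetHeartbeatTimer() when meta_only is False. Either the description or the function name is wrong; make the two agree, because the ACK timer and the heartbeat timer are handled as separate timers in the receive steps. Separately, the hash row spells the chain "TransciptChain" while the receive table uses "TranscriptChain".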
|-
|align="right"| Compute message sequence number
|align="center"|<math> seqnum(m) \leftarrow ComputeSeqNum(m) </math>ComputeSeqNum(''m'')
|align="center"|Computation
|-
|align="right"| Verify session id and transcript consistency and sender sequence number, issue a warning in case of failure
|align="center"|<math> sid_i \stackrel{?}{=} sid_{rec} \; </math> and <math> \; h \stackrel{?}{=} H(H(parent(m)), H(TranscriptChain^S_i[parent(m)-1])) </math> and </math> sender_seq_num sender\_seq\_num \stackrel{?}{>} last_own_seq_numslast\_own\_seq\_nums[sender_id] </math>
|align="center"|Computation
|-
|-
|align="right"| Update sender sequence number record
|align="center"|<math>last_own_seq_numslast\_own\_seq\_nums[sender_id] \leftarrow sender_seq_num sender\_seq\_num </math>
|align="center"|Computation
|-
|-
|align="right"| Update ack timeout timer
|align="center"|AxeAckTimeoutTimer<math>AxeAckTimeoutTimer(parent(m),sender_i)</math>
|align="center"|Computation
|-
|align="right"| Update rekey timeout timer
|align="center"ResetRekeyTimeOut|<math>ResetRekeyTimeOut(sender_i)</math>
|align="center"|Computation
|-
|align="right"| If the message has content set up ACK timer
|align="center"|<math>meta_only meta\_only \stackrel{?}= True</math> then <math>SetACKTimer(m)</math>
|align="center"|Computation
|-
|align="right"| return m
|align="center"|If <math>meta_only meta\_only \stackrel{?}{=} False</math> then return ''m''|align="center"|Computation
|}
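Review bot: In the verification row the third condition begins with </math> where an opening tag is expected, and the index [sender_id] still has unescaped underscores, so the sender sequence number check will not render the way the other two conditions do. Also, the row "If the message has content set up ACK timer" tests meta_only against True, while the final row returns ''m'' when meta_only is False; a message with content has meta_only False, so the ACK timer condition reads as inverted and should be checked against the intended behaviour.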
|-
|align="right"| For all confirmed users not in session call ''P2P Send''
|align="center"|<math> P2P Send </math>
|align="center"|Broadcast
|}
|-
|align="right"| If ''m'' has key id, call ''P2P Receive''
|align="center"|<math> P2P Send </math>
|align="center"|Computation
|}
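Review bot: The row "If ''m'' has key id, call ''P2P Receive''" has "P2P Send" in its formula cell, which contradicts the description. It looks copied from the send-side row above; change the cell to P2P Receive, and consider taking the function name out of the math element, since the space in "P2P Send" is dropped in math mode.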
|align="center"|Computation
|-
|align="right"| Compute message sequence numberreturn m|align="center"|<math> seqnum(m) \leftarrow ComputeSeqNum(return ''m) </math>''
|align="center"|Computation
|-
|align="right"| Verify session id and transcript consistency and sender sequence number, issue a warning in case of failure
|align="center"|<math> sid_i \stackrel{?}{=} sid_{rec} \; </math> and <math> \; h \stackrel{?}{=} H(H(parent(m)), H(TranscriptChain^S_i[parent(m)-1])) </math> and <math> sender_seq_num \stackrel{?}{>} last_own_seq_nums[sender_id] </math>
|align="center"|Computation
|-
|align="right"| Update TranscriptChain if possible
|align="center"|<math> TranscriptChain^S_i[seqnum(m)] = (H(m), H(TranscriptChain^S_i[seqnum(m)-1])) </math>
|align="center"|Computation
|-
|align="right"| Update sender sequence number record
|align="center"|<math>last_own_seq_nums[sender_id] \leftarrow sender_seq_num </math>
|align="center"|Computation
|-
|align="right"| Update sender key or share key
|align="center"|<math>y_j \leftarrow s \; \textrm { or } \; z_{j} \leftarrow s</math>
|align="center"|Computation
|-
|align="right"| If all users' share are received, generate session key
|align="center"|<math>sk_{i} \leftarrow H(GroupDec(k_{i,j}, z_j \; \forall j),sid_i, U_j) \; \forall j \neq i</math>
|align="center"|Computation
|-
|align="right"| Update ack timeout timer
|align="center"|<math>AxeAckTimeoutTimer(parent(m),sender_i)</math>
|align="center"|Computation
|-
|align="right"| Update rekey timeout timer
|align="center"|<math>ResetRekeyTimeOut(sender_i)</math>
|align="center"|Computation
|-
|align="right"| If the message has content set up ACK timer
|align="center"|<math>meta_only \stackrel{?}= True</math> then <math>SetACKTimer(m)</math>
|align="center"|Computation
|-
|align="right"| return m
|align="center"|If <math>meta_only \stackrel{?}{=} return ''m''</math>
|align="center"|
|}
!align="center"|Type
|-
|align="right"| <math> Initiate meta data with current state of knowledge of new ephemeral keys and secret shares </math>|align="center"|<math> meta_data meta\_data \leftarrow ustate_i[j] \forall 1 \ge j \ge n</math>for all ''j'' in {1,...''n}
|align="center"|Computation
|-
|align="right"| <math>Include the new ephemeral key if participant <math>U_j has not receive it </math>has not receive it|align="center"|<math> if <math>ustate_i[j] \stackrel{?}{=} 0</math> meta_data meta\_data \leftarrow <math>y_{i_{new}}</math>
|align="center"|Computation
|-
|align="right"| if If (all) participants has have sent their ephemeral keys compute the shared secret|align="center"|<math>if <math>ustate_{j}[i] \stackrel{?}{=} 1 \forall 1 \ge j \ge n</math> add for all ''j''in {1,...''n}, then <math> meta_data meta\_data \leftarrow (meta_datameta\_data, GroupEnc(k_{i_j} for j \in \{1,\dots,n\}, z'))</math>
|align="center"|Computation
|-
|align="right"| Return meta data
|align="center"|return ''meta_data''
|align="center"|Computation
|}
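Review bot: The index range in the first and third rows is written as 1 \ge j \ge n, which is empty for any n greater than 1; the intended range is 1 \le j \le n, consistent with the j \in \{1,\dots,n\} used in the GroupEnc term. The cells in this table also nest a math element inside another one and wrap the descriptive prose in math, which will not parse; keep the descriptions as plain text and only the expressions in math. "has not receive it" should read "has not received it".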
|-
|align="right"| Drop inactive users
|align="center"|<math> plist_i \leftarrow plist_i \backslash inactive_participant_listinactive\_participant\_list</math>
|align="center"|Computation
|-
|align="right"|Compute Recompute Session Id|align="center"|<math>sid_i \leftarrow H(U_1|y_1|\dots|U_nU_{n_{active}}|y_ny_{n_{active}})</math>
|align="center"|Computation
|-
|align="right"| Set up timer to request a new session
|align="center"|<math> SetTimer(PLIST_UPDATE_GRACE_INTERVAL, \textrm{initiate new session})</math>b
|align="center"|Computation
|}
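Review bot: In the timer row there is a stray "b" after the closing </math>, and PLIST_UPDATE_GRACE_INTERVAL keeps its unescaped underscores even though this change escapes them in inactive\_participant\_list two rows up. Remove the stray character and escape the constant name the same way. In the session id row, confirm that the recomputed sid_i is taken over the active participants only, as the n_{active} subscripts suggest, since the receive-side check compares sid_i with sid_{rec}.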