MpOTR/algorithm dump
Contents
[hide]Chatroom setup
Procedure Chatroom Init Input:,
global
global
global
global
Generate Initial Paramters(
) global
![]()
![]()
![]()
Procedure Verify Verifier Generate Init Key Input:,
,
,
,
Verify Verifiers() global
![]()
Sign Session and Send(
)
Join
Procedure Join Input:,
,
global
global
![]()
Generate Initial Paramters(
) global
Broadcast(":3mpCat:3Join:3",
,
,
) global
Receive() global
Compute Session Id(
,
,
) Sign and Send Key Confirmation and Shares() Wait On Receive(":3mpCat:3KeyConfirmationShare:3") global
Receive() Verify Key Confirmations and Signatures(
,
) Update Session Key()
Procedure Receive Session Digest Input:global
![]()
Protocol for other participants already in the chat to accept the newcomer
Procedure Accept Input:Broadcast(":3mpCat:3Join:3",
,
,
) Wait On Receive(":3mpCat:3Join:3") global
,
Receive() Update Lists(
,
) global
Compute Session Id(
,
,
) Sign and Send Key Confirmation and Shares() Wait On Receive(":3mpCat:3KeyConfirmationShare:3") global
Receive() Verify Key Confirmations and Signatures(
,
) Update Session Key() Send(
)
Farewell
Procedure Shrink on Leave Input:remove
from
global
Compute Session Id() if
, then Sign and Send Key Shares() Wait On Receive(":3mpCat:3KeyShare:3")
:= Receive() Update Session Key(
)
Procedure Sign and Send Key Shares Input: globalglobal
![]()
![]()
ED25519Sign(
,
||
) Broadcast(":3mpCat:3KeyShare:3",
,
,
) # we can send this encrypted but leaving person can read it, hence theoretically it is the same as sending it unencrypted.
Send
Procedure Send Input:,
![]()
= NewKeyShareMessage(
)
:= AES CTR Encrypt(
,
)
:= ED25519Sign(
,
||
)
:= Compute Session Digest(
) Broadcast(":3mpCat:3",
,
,
,
,":3")
Recieve
Procedure Receive Input:,
,
,
![]()
ED25519VerifySignature(
,
,
) Assert(
) or return Reject
AES CTR Decrypt(
,
){}
UpdateNewKeyStatus(
) Verify Digests(
) return{
} # isMetaMessage is true if the message is purely meta message and there is nothing to display
Common functions used by other procedures in different stages
Procedure Generate Initial Paramters Input:![]()
RandomBits(256)
Ed25519 Scalar(
)) #{This is both Diffie-Hellman secret and ephemeral signature private key}
return
![]()
Procedure Verify Key Confirmation and Signatures Input:,
for each
, do if
, then Halt() else if ED25519VerifySignature(
,
,
) = Fail , then Halt()
Procedure Compute Session Id Input:,
return
#
![]()
Procedure Verify Signatures Input:,
, # standard signature verification
Procedure Sign and Send Key Confirmation and Share Input:for each
, do
# Triple DH
global
global
![]()
![]()
ED25519Sign(
,
||
) Broadcast(":3mpCat:3KeyConfirmationAndShare:3",
,
,
,
)
Procedure Update Session Key Input:![]()
for each
, do
# recovered
should be equal to its original value global
![]()
Procedure Sign Params Update Session Key Input:,
,
Update Session Key()
![]()
Sign Session and Send(
) Broadcast(":3mpCat:3SignedSessionParameters:3",
)
Procedure ComputeSessionDigest Input:for each
in Messages Received from
+1 till
, do
LRU Cache Store Digest(
,
) return
,
![]()
Procedure NewKeyShareMessage Input:# Based on metaMessage Determines what type of keyshare needs to be send (Ephemeral point or Group key share) and returen it.
Procedure UpdateNewKeyStatus Input:# Update the table of which participant has sent its new ephemeral point or its new group key share
Procedure Hash Input:return SHA-512(
)