canmove, Confirmed users
640
edits
Services/Sync/SimplifiedCrypto: Difference between revisions
Jump to navigation
Jump to search
m
Services/Sync/SimplifiedCrypto (view source)
Revision as of 20:43, 26 October 2010
, 26 October 2010→Passphrase
(Adding proposal in more detail.) |
m (→Passphrase) |
||
| Line 40: | Line 40: | ||
* Spot old version | * Spot old version | ||
* | * Get a salt ('''Proposal''': use the Services.syncID from the meta/global object. Presumably the client will be bumping this…) | ||
* Apply PBKDF2 to salt and passphrase to yield our new AES key | * Apply PBKDF2 to salt and passphrase to yield our new AES key | ||
* Generate bulk keys, encrypt | * Generate bulk keys, encrypt | ||
| Line 47: | Line 47: | ||
So long as the salt is available, other clients can apply PBKDF2 to their stored passphrase and the salt to yield the new key without any re-entry or J-PAKE-style key distribution. | So long as the salt is available, other clients can apply PBKDF2 to their stored passphrase and the salt to yield the new key without any re-entry or J-PAKE-style key distribution. | ||
=== Bulk keys === | === Bulk keys === | ||