MozillaWiki

Services/KeyExchange: Difference between revisions

Page Discussion

Services/KeyExchange (view source)

Revision as of 14:50, 15 October 2010

8 bytes removed ,  15 October 2010
→‎Overview
Line 40: Line 40:
   <li>Mobile and Desktop complete the two roundtrips of JPAKE messages to agree upon a secret key.</li>
   <li>Mobile and Desktop complete the two roundtrips of JPAKE messages to agree upon a secret key.</li>
   <li>The secret key is the sha256 hash of the K number, as returned by python-jpake.</li>
   <li>The secret key is the sha256 hash of the K number, as returned by python-jpake.</li>
   <li>In third round trip, Mobile hashes the key using SHA256d (=hash twice with SHA256) and uploads it. Desktop verifies it against its key and uploads the encrypted credentials in turn, adding a SHA256-HMAC hash of the cleartext. Mobile verifies whether Desktop had the right key by checking the decrypted cleartext against the SHA256-HMAC hash.</li>
   <li>In third round trip, Mobile hashes the key using SHA256d (=hash twice with SHA256) and uploads it. Desktop verifies it against its key and uploads the encrypted credentials in turn, adding a SHA256-HMAC hash of the ciphertext. Mobile verifies whether Desktop had the right key by checking the ciphertext against the SHA256-HMAC hash.</li>
</ul>
</ul>


St3fan
Confirmed users
971

edits

Retrieved from "https://wiki.allizom.org/Special:MobileDiff/261200"