commit 84874958e6f66485f4912ad4274daf5d7ce85a6e
parent debb299627e5aefcacf0d8129e51cf1abe5299be
Author: Schanzenbach, Martin <mschanzenbach@posteo.de>
Date: Mon, 9 Sep 2019 22:25:12 +0200
more crypto
Diffstat:
1 file changed, 34 insertions(+), 10 deletions(-)
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
@@ -108,30 +108,35 @@
<t>
Given a GNS record block a symmetric encryption scheme is used to
en-/decrypt "BDATA". The keys are derived from the record label "l"
- and the public key "P". Both "l" and "P" are implicity known by the
- GNS resolver. The key material "K" is derived as follows:
+ and a public key "dG", where "d" is an ECDSA private key and "G"
+ is a EC generator. "d" and "dG" are derived from the public/private
+ key pair "x,P" of a GNS zone.
+ Both "l" and "P" are implicity known by the GNS resolver.
+ The key material "K" and initialization vector "IV"
+ are derived as follows:
</t>
<artwork name="" type="" align="left" alt=""><![CDATA[
h := SHA512 (l,P)
d := h*x mod n
- K := HKDF (P,l)
+ K := HKDF (dG,l,"gns-aes-ctx-key")
+ IV := HKDF (dG,l,"gns-aes-ctx-iv")
]]></artwork>
<t>
"HKDF" is a hash-based key derivation function as defined in
<xref target="RFC5869" />. For the XTR, we use HMAC-SHA512 and
- HMAC-SHA256 in PRF as proposed in (paper). Using this HKDF, we
- derive two symmetric 256-bit keys "Ka,Kt" from "K":
+ HMAC-SHA256 in PRF as proposed in (paper). We divide "K" into a
+ 256-bit AES key "Kaes" and a 256-bit TWOFISH key "Ktwo".
</t>
<figure anchor="figure_hddf_keys">
<artwork name="" type="" align="left" alt=""><![CDATA[
0 8 16 24 32 40 48 56
+-----+-----+-----+-----+-----+-----+-----+-----+
- | AES KEY |
+ | AES KEY (Kaes) |
| |
| |
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
- | TWOFISH KEY |
+ | TWOFISH KEY (Ktwo) |
| |
| |
| |
@@ -139,12 +144,31 @@
]]></artwork>
<!-- <postamble>which is a very simple example.</postamble>-->
</figure>
+ <t>
+ Similarly, we divide "IV" into a 128-bit initialization vector IVaes
+ and a 128-bit initialization vector IVtwo:
+ </t>
+ <figure anchor="figure_hddf_keys">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+ 0 8 16 24 32 40 48 56
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | AES IV (IVaes) |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | TWOFISH IV (IVtwo) |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ ]]></artwork>
+ <!-- <postamble>which is a very simple example.</postamble>-->
+ </figure>
<t>
- The two symmetric keys are used for a AES+TWOFISH combined cipher:
+ The symmetric keys and IVs are used for a AES+TWOFISH combined
+ cipher. Both ciphers are used in CFB (ref) mode.
</t>
<artwork name="" type="" align="left" alt=""><![CDATA[
- RDATA := TWOFISH256(Kt, AES256(Ka, BDATA))
+ RDATA := AES256(Kaes, IVaes, TWOFISH256(Ktwo, IVtwo, BDATA))
+ BDATA := TWOFISH256(Ktwo, IVtwo, AES256(Kaes, IVaes, RDATA))
]]></artwork>
</section>
@@ -163,7 +187,7 @@
| |
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
- | RDATA SIZE | TYPE |
+ | DATA SIZE | TYPE |
+-----+-----+-----+-----+-----+-----+-----+-----+
| FLAGS | DATA |
+-----+-----+-----+-----+ |
