commit 3971fd19d6add50b8d695b00c0e4186cf4ca096d
parent 7cd9bf223acec1b0011e275910279f90af714f49
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date: Fri, 28 Jul 2023 23:18:54 +0200
Notes on header of UDP comm
Diffstat:
1 file changed, 16 insertions(+), 33 deletions(-)
diff --git a/draft-gnunet-communicators.xml b/draft-gnunet-communicators.xml
@@ -244,12 +244,17 @@
This method of sending messages to a peer can be used indefinitely, but is ineffienct since for every
message, a new symmetric key must be established.
</t>
+ <t>
+ All metadata for headers is chosen such that they are indistinguishable from random.
+ For the use of (ephemeral) ECC public key material, this probably requires the use of additional randomization
+ techniques such as Elligator (TODO).
+ There are three distinct message types that are sent and received by UDP communciators: KX, BOX, REKEY and BROADCAST.
+ In any case, the common header is 32 + 16 bytes in length.
+ </t>
<figure anchor="figure_udp_initialkx" title="The binary representation of the initial key exchange packet.">
<artwork name="" type="" align="left" alt=""><![CDATA[
0 8 16 24
+-----+-----+-----+-----+-----+-----+-----+-----+
-| SIZE | TYPE (0x0X) |
-+-----+-----+-----+-----+-----+-----+-----+-----+
| EPHEMERAL PUBLIC KEY |
| |
| |
@@ -264,26 +269,11 @@
| |
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
-| REKEY |
-| |
-| |
-| |
-+-----+-----+-----+-----+-----+-----+-----+-----+
/ ENCRYPTED DATA /
+-----+-----+-----+-----+-----+-----+-----+-----+
]]></artwork>
</figure>
<dl>
- <dt>SIZE</dt>
- <dd>
- A 16-bit value containing the length of the message in bytes
- in network byte order.
- </dd>
- <dt>TYPE</dt>
- <dd>
- A 16-bit type flag in network byte order. The value of this
- field <bcp14>MUST</bcp14> be XXXX.
- </dd>
<dt>EPHEMERAL PUBLIC KEY</dt>
<dd>
A 256-bit EdDSA public key. This key is used as input to a Diffie-Hellman KEM to decapsulate
@@ -439,14 +429,16 @@
<artwork name="" type="" align="left" alt=""><![CDATA[
0 8 16 24
+-----+-----+-----+-----+-----+-----+-----+-----+
-| SIZE | TYPE (0x0X) |
-+-----+-----+-----+-----+-----+-----+-----+-----+
-| GCM TAG |
+| KEY ID |
+| |
+| |
+| |
+| |
| |
| |
| |
+-----+-----+-----+-----+-----+-----+-----+-----+
-| REKEY |
+| GCM TAG |
| |
| |
| |
@@ -456,24 +448,15 @@
]]></artwork>
</figure>
<dl>
- <dt>SIZE</dt>
- <dd>
- A 16-bit value containing the length of the message in bytes
- in network byte order.
- </dd>
- <dt>PURPOSE</dt>
+ <dt>KEY ID</dt>
<dd>
- A 16-bit type flag in network byte order. The value of this
- field <bcp14>MUST</bcp14> be XXXX.
+ A 256-bit value containing the ID of the symmetric key to
+ use for decryption.
</dd>
<dt>GCM TAG</dt>
<dd>
A 128-bit GCM tag used to authenticate the ciphertext immediately following this KX.
</dd>
- <dt>REKEY</dt>
- <dd>
- A 128-bit rekey flag. If any bit is set, this indicates a rekey.
- </dd>
<dt>ENCRYPTED DATA</dt>
<dd>
The remaining data (as indicated by SIZE) is AES-GCM encrypted using the current session key and authenticated
