lsd0007

LSD0007: GNUnet communicators
Log | Files | Refs
commit 85a2f1fc8799489bbcfa0b0fcd23dad40befe7c1
parent 5cc9711efffd621b871a129e7cac2d828718df31
Author: Martin Schanzenbach <schanzen@gnunet.org>
Date:   Wed, 19 Jun 2024 09:41:17 +0200

more tcp cleanup

Diffstat:

Mdraft-gnunet-communicators.xml | 21+++++++++------------


1 file changed, 9 insertions(+), 12 deletions(-)

diff --git a/draft-gnunet-communicators.xml b/draft-gnunet-communicators.xml
@@ -758,20 +758,17 @@ DeriveKID(MSK,SEQ):
      <section anchor="tcp_handshake" numbered="true" toc="default">
        <name>Handshake</name>
       <t>
-      The main purpose of the handshake is to establish shared key material for each direction of the communication 
-      channel. The initiating TCP Communicator starts the handshake by sending an ephemeral X25519 public key, 
-      which is necessary to perform the X25519-based key exchange defined in <xref target="tcp_KEM"/>. As the 
-      public key can not be encrypted at this stage of the communication channel it <bcp14>MUST</bcp14> be encoded 
-      using the Elligator encoding function.
-      In contrast to the plain public key, the encoded public key (also called the representative) is indistinguishable 
-      from a random-looking byte stream, which protects against censors targeting messages containing cryptographic 
-      material.
+      The main purpose of the handshake is to establish shared key material for each direction of the communication
+      channel.
+      The initiating TCP Communicator starts the handshake by sending an encapsulation from the Elligator KEM
+      defined in<xref target="elligator_kem"/>.
       </t>
       <t>
-      The sent public key <bcp14>MUST</bcp14> be directly followed by an encrypted TCP handshake message as shown 
-      in <xref target="figure_tcp_handshake"/>. In addition to the peer identity of the sender and a timestamp, it 
-      contains a nonce as a challenge for the receiving TCP communicator. All this data is authenticated via a 
-      signature, which is also included in the TCP handshake message. 
+      The encapsulation <bcp14>MUST</bcp14> be directly followed by an encrypted TCP handshake message as shown in
+      <xref target="figure_tcp_handshake"/>.
+      In addition to the peer identity of the sender and a timestamp, it contains a nonce as a challenge for the
+      receiving TCP communicator.
+      All data is authenticated with signature.
       </t>
        <figure anchor="figure_tcp_handshake" title="The binary representation of the TCP handshake message.">
          <artwork name="" type="" align="left" alt=""><![CDATA[