author | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-10-05 22:17:14 +0200 |
---|---|---|
committer | Schanzenbach, Martin <mschanzenbach@posteo.de> | 2019-10-05 22:17:14 +0200 |
commit | 0953de08695ccf307c73f161120e8df8f84255ab (patch) | |
tree | 97f7758a69368a9113dbcb0348dfcceebd36eb28 | |
parent | 29a6435b02edfa6884075a038984d2ec9b0c29df (diff) | |
update math, privacy notes
-rw-r--r-- | draft-schanzen-gns.html | 6 | ||||
-rw-r--r-- | draft-schanzen-gns.txt | 12 | ||||
-rw-r--r-- | draft-schanzen-gns.xml | 6 |
3 files changed, 10 insertions, 14 deletions
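--- a/draft-schanzen-gns.html
+++ b/draft-schanzen-gns.html
@@ -1204,8 +1204,6 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le
 GNS employs the curve parameters of the twisted edwards representation
 of Curve25519 <span>[<a href="#RFC7748" class="xref">RFC7748</a>]</span> (a.k.a. edwards25519)
 with the ECDSA scheme (<span>[<a href="#RFC6979" class="xref">RFC6979</a>]</span>).
-The deterministic property of ECDSA (as opposed to EdDSA) is required
-in order to achieve zone privacy.
 In the following, we use the following naming convention for our
 cryptographic primitives:<a href="#section-2-1" class="pilcrow">¶</a></p>
 <dl class="dlParallel" id="section-2-2">
@@ -1575,8 +1573,8 @@ async function addMetadata(){try{const e=document.styleSheets[0].cssRules;for(le
 <pre>
 PRK_h := HKDF-Extract ("key-derivation", zk)
 h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
-d_h := h*d mod L
-zk_h := h*zk mod L
+d_h := h mod L * d
+zk_h := h mod L * zk
 q := SHA512 (zk_h)
 </pre><a href="#section-4.1-2" class="pilcrow">¶</a>
 </div>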
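--- a/draft-schanzen-gns.txt
+++ b/draft-schanzen-gns.txt
@@ -139,10 +139,8 @@ Internet-Draft The GNU Name System July 2019
 where d is the private key and zk the corresponding public key. GNS
 employs the curve parameters of the twisted edwards representation of
 Curve25519 [RFC7748] (a.k.a. edwards25519) with the ECDSA scheme
-([RFC6979]). The deterministic property of ECDSA (as opposed to
-EdDSA) is required in order to achieve zone privacy. In the
-following, we use the following naming convention for our
-cryptographic primitives:
+([RFC6979]). In the following, we use the following naming
+convention for our cryptographic primitives:
 
 d is a 256-bit ECDSA private key. In GNS, records are signed using
 a key derived from "d" as described in Section 4.
@@ -165,6 +163,8 @@ Internet-Draft The GNU Name System July 2019
 
 
 
+
+
 Schanzenbach, et al. Expires 24 January 2020 [Page 3]
 
 Internet-Draft The GNU Name System July 2019
@@ -439,8 +439,8 @@ Internet-Draft The GNU Name System July 2019
 
 PRK_h := HKDF-Extract ("key-derivation", zk)
 h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
-d_h := h*d mod L
-zk_h := h*zk mod L
+d_h := h mod L * d
+zk_h := h mod L * zk
 q := SHA512 (zk_h)
 
 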
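--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -117,8 +117,6 @@
 GNS employs the curve parameters of the twisted edwards representation
 of Curve25519 <xref target="RFC7748" /> (a.k.a. edwards25519)
 with the ECDSA scheme (<xref target="RFC6979" />).
-The deterministic property of ECDSA (as opposed to EdDSA) is required
-in order to achieve zone privacy.
 In the following, we use the following naming convention for our
 cryptographic primitives:
 </t>
@@ -446,8 +444,8 @@
 <artwork name="" type="" align="left" alt=""><![CDATA[
 PRK_h := HKDF-Extract ("key-derivation", zk)
 h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
-d_h := h*d mod L
-zk_h := h*zk mod L
+d_h := h mod L * d
+zk_h := h mod L * zk
 q := SHA512 (zk_h)
 ]]></artwork>
 <t>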
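Review bot: In the second hunk the new `d_h := h mod L * d` line no longer reduces the product, and without parentheses it can also be read as `h mod (L * d)`. Since d is introduced as a 256-bit private scalar, and assuming L is the group order, the derived private key should still be reduced, e.g. `d_h := (h * d) mod L`. The public side is a scalar multiplication of a point and reads unambiguously as `zk_h := (h mod L) * zk`. Spelling both lines out this way keeps d_h and zk_h a matching key pair across implementations, which verifying record signatures under the derived key depends on. The same two lines appear in the draft-schanzen-gns.html and draft-schanzen-gns.txt renderings and would follow once those are regenerated.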