[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-commits] [torspec/master] prop269: Removed hash of initial XTR salt
commit 8de17fa1b84c59a74178aba57c146bfb431801cf
Author: John M. Schanck <jschanck@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri Oct 14 14:05:18 2016 -0400
prop269: Removed hash of initial XTR salt
---
proposals/269-hybrid-handshake.txt | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/proposals/269-hybrid-handshake.txt b/proposals/269-hybrid-handshake.txt
index 76b32c0..eb35180 100644
--- a/proposals/269-hybrid-handshake.txt
+++ b/proposals/269-hybrid-handshake.txt
@@ -168,7 +168,7 @@ Status: Draft
s2, C := KEM_ENC(EPK)
The server extracts the seed:
- SALT := H(ID | A | X | EPK)
+ SALT := ID | A | X | EPK
secret := s0 | s1 | s2
seed := EXTRACT(SALT, secret)
@@ -190,7 +190,7 @@ Status: Draft
s2 := KEM_DEC(C, esk)
The client then derives the seed:
- SALT := H(ID | A | X | EPK)
+ SALT := ID | A | X | EPK
secret := s0 | s1 | s2
seed := EXTRACT(SALT, secret);
@@ -225,7 +225,7 @@ Status: Draft
| s0 := H(DH_MUL(X,a)) |
| s1 := DH_MUL(X,y) |
| s2, C := KEM_ENC(EPK) |
- | SALT := H(ID | A | X | EPK) |
+ | SALT := ID | A | X | EPK |
| secret := s0 | s1 | s2 |
| seed := EXTRACT(SALT, secret) |
| verify := EXPAND(seed, T_AUTH, MU) |
@@ -239,7 +239,7 @@ Status: Draft
| s0 := H(DH_MUL(A,x)) |
| s1 := DH_MUL(Y,x) |
| s2 := KEM_DEC(C, esk) |
- | SALT := H(ID | A | X | EPK) |
+ | SALT := ID | A | X | EPK |
| secret := s0 | s1 | s2 |
| seed := EXTRACT(SALT, secret) |
| verify := EXPAND(seed, T_AUTH, MU) |
@@ -279,7 +279,7 @@ Status: Draft
key := EXPAND(seed, M_EXPAND, KEY_LEN)
In hybrid-null the server computes
- SALT := H(ID | A | X)
+ SALT := ID | A | X
secret_input := H(EXP(X,a)) | EXP(X,y)
seed := EXTRACT(SALT, secret_input)
verify := EXPAND(seed, T_AUTH, MU)
_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits