2024-12-01 19:40:08 +02:00
# The Protocol
2024-12-14 17:17:58 +02:00
### Key Derivation Function
2025-01-06 20:55:13 +02:00
doesnt seem to be any reason to use a key derivation function.
2024-12-14 17:17:58 +02:00
2024-12-01 19:40:08 +02:00
## Registration:
2025-01-06 20:55:13 +02:00
- User sends a `Register` requset giving them a public key and encrypting using the server's public key
- Server sends the user a `VerificationRequired` (not in current code, as the 6 digit code does that for now) message & a 6-digit code (Secure channel)
- User sends the server a `ConfirmRegister` with the 6-digit code, signed using the key provided at previous stage
- Server verifies the signature and code, and if both are valid it sends a last `Confirm` and the registration process is done
2024-12-01 19:40:08 +02:00
2025-01-06 20:55:13 +02:00
## Login
2024-12-01 19:40:08 +02:00
2025-01-06 20:55:13 +02:00
Login is done by a challenge, the user sends a `Login` request, the server sends a random block of 16 bytes for the user to sign,
then the server validates the signature with the known saved key.
2024-12-01 19:40:08 +02:00
## Passing messages
In order to send a message from A to B, A will ask the server for B's key,
2025-01-06 20:55:13 +02:00
A will then encrypt the message using B's key, append a signature, and send a `SendMessage`
request with the payload having the structure of `Enc_b(Message object) + Signature_A(Message object)` .
2024-12-01 19:40:08 +02:00
The server will hold on to the message until B will send a `GetMessages` request
to the server.
2024-12-14 17:17:58 +02:00
2025-01-06 20:55:13 +02:00
## Requests
2024-12-14 17:17:58 +02:00
2024-12-17 20:41:30 +02:00
- Register:
2024-12-20 11:23:49 +02:00
data: Phone - 8 bytes, RSA key size (payload length) - 2 bytes
2024-12-14 17:17:58 +02:00
- ConfirmRegister (signed & encrypted 6 digit code)
2025-01-06 20:55:13 +02:00
data: 6 bytes for the 6 digit code, 4 bytes for signature length
2025-01-02 18:49:58 +02:00
- Login:
data: 8 bytes of user's phone
- ConfirmLogin (signed hash):
data: hash length
2024-12-17 20:41:30 +02:00
- GetMessages:
data: EMPTY
2025-01-06 20:55:13 +02:00
- GetUserKey:
2024-12-14 17:17:58 +02:00
extra data: 8 bytes (4 bits per digit) of whoever we want to get the key of
2025-01-06 20:55:13 +02:00
- SendMessage:
2024-12-17 20:41:30 +02:00
extra data: 8 bytes (4 bits per digit) of who to send the data, 4 bytes (32bit) for length in bytes
2024-12-14 17:17:58 +02:00
I think it all can go into a:
```
{
2025-01-06 20:55:13 +02:00
Version byte (0) - 1 byte,
2024-12-14 17:17:58 +02:00
RequestType - 1 byte,
2025-01-06 20:55:13 +02:00
looping counter - 1 byte,
2024-12-17 20:41:30 +02:00
data - up to 13,
} = 16 bytes = 128 bits
2024-12-14 17:17:58 +02:00
```
2024-12-17 20:41:30 +02:00
2025-01-06 20:55:13 +02:00
Encryption and Hashes used:
public keys: RSA-1024 (can be of somewhat arbitrary length)
2024-12-17 20:41:30 +02:00
Hashes: SHA3-256
2025-01-06 20:55:13 +02:00
symmetric keys: AES-CFB-256 with PCKS7 padding (when needed as most stuff are made to fit in 1 block)
