# The Protocol ### Key Derivation Function doesnt seem to be any reason to use a key derivation function. ## Registration: - User sends a `Register` requset giving them a public key and encrypting using the server's public key - Server sends the user a `VerificationRequired` (not in current code, as the 6 digit code does that for now) message & a 6-digit code (Secure channel) - User sends the server a `ConfirmRegister` with the 6-digit code, signed using the key provided at previous stage - Server verifies the signature and code, and if both are valid it sends a last `Confirm` and the registration process is done ## Login Login is done by a challenge, the user sends a `Login` request, the server sends a random block of 16 bytes for the user to sign, then the server validates the signature with the known saved key. ## Passing messages In order to send a message from A to B, A will ask the server for B's key, A will then encrypt the message using B's key, append a signature, and send a `SendMessage` request with the payload having the structure of `Enc_b(Message object) + Signature_A(Message object)`. The server will hold on to the message until B will send a `GetMessages` request to the server. ## Requests - Register: data: Phone - 8 bytes, RSA key size (payload length) - 2 bytes - ConfirmRegister (signed & encrypted 6 digit code) data: 6 bytes for the 6 digit code, 4 bytes for signature length - Login: data: 8 bytes of user's phone - ConfirmLogin (signed hash): data: hash length - GetMessages: data: EMPTY - GetUserKey: extra data: 8 bytes (4 bits per digit) of whoever we want to get the key of - SendMessage: extra data: 8 bytes (4 bits per digit) of who to send the data, 4 bytes (32bit) for length in bytes I think it all can go into a: ``` { Version byte (0) - 1 byte, RequestType - 1 byte, looping counter - 1 byte, data - up to 13, } = 16 bytes = 128 bits ``` Encryption and Hashes used: public keys: RSA-1024 (can be of somewhat arbitrary length) Hashes: SHA3-256 symmetric keys: AES-CFB-256 with PCKS7 padding (when needed as most stuff are made to fit in 1 block)