online_security_project/protocol.md

The Protocol

Key Derivation Function

There doesn't seem to be any reason to use a key derivation function.

Registration:

  • User sends a Register request containing their public key, encrypted using the server's public key
  • Server sends the user a VerificationRequired message (not in the current code, as the 6-digit code does that for now) and a 6-digit code (over a secure channel)
  • User sends the server a ConfirmRegister with the 6-digit code, signed using the key provided at the previous stage
  • Server verifies the signature and the code, and if both are valid it sends a final Confirm and the registration process is done

Login

Login is done by a challenge: the user sends a Login request, the server sends a random block of 16 bytes for the user to sign, and the server then validates the signature against the user's saved public key.

Passing messages

To send a message from A to B, A asks the server for B's key, encrypts the message using B's key, appends a signature, and sends a SendMessage request whose payload has the structure Enc_b(Message object) + Signature_A(Message object).

The server holds on to the message until B sends a GetMessages request to the server.

Requests

  • Register: data: Phone - 8 bytes, RSA key size (payload length) - 2 bytes
  • ConfirmRegister (signed & encrypted 6 digit code) data: 6 bytes for the 6 digit code, 4 bytes for signature length
  • Login: data: 8 bytes of user's phone
  • ConfirmLogin (signed hash): data: hash length
  • GetMessages: data: EMPTY
  • GetUserKey: extra data: 8 bytes (4 bits per digit) of whoever we want to get the key of
  • SendMessage: extra data: 8 bytes (4 bits per digit) of who to send the data to, 4 bytes (32-bit) for length in bytes

I think it can all go into a:
{
	Version byte (0) - 1 byte,
	RequestType - 1 byte,
	looping counter - 1 byte,
	data - up to 13,
} = 16 bytes = 128 bits
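The 16-byte layout above can be packed and parsed as in the following added example, which is not code from this project. The numeric request-type codes, the 0xF filler nibble for phone numbers shorter than 16 digits, big-endian byte order, and zero padding of unused data bytes are all assumptions, as the page does not specify them.

```python
import struct

HEADER_LEN, DATA_MAX, VERSION = 16, 13, 0   # sizes and version byte from the page

# Assumed numeric codes: the page names the request types but assigns no values.
REQUEST_TYPES = {"Register": 1, "ConfirmRegister": 2, "Login": 3, "ConfirmLogin": 4,
                 "GetMessages": 5, "GetUserKey": 6, "SendMessage": 7}
TYPE_NAMES = {code: name for name, code in REQUEST_TYPES.items()}

def encode_phone(digits: str) -> bytes:
    """Pack a phone number into 8 bytes, 4 bits per digit (0xF filler is assumed)."""
    if not (digits.isascii() and digits.isdigit() and len(digits) <= 16):
        raise ValueError("phone must be 1-16 ASCII digits")
    nibbles = [int(d) for d in digits] + [0xF] * (16 - len(digits))
    return bytes((nibbles[i] << 4) | nibbles[i + 1] for i in range(0, 16, 2))

def decode_phone(raw: bytes) -> str:
    """Inverse of encode_phone; filler may only trail the digits."""
    if len(raw) != 8:
        raise ValueError("phone field must be 8 bytes")
    nibbles = [n for b in raw for n in (b >> 4, b & 0xF)]
    count = sum(n != 0xF for n in nibbles)
    if count == 0 or any(n > 9 for n in nibbles[:count]):
        raise ValueError("malformed phone field")
    return "".join(str(n) for n in nibbles[:count])

def pack_request(req_type: str, counter: int, data: bytes = b"") -> bytes:
    """Build the 16-byte request: version, type, looping counter, data."""
    if len(data) > DATA_MAX:
        raise ValueError("data exceeds 13 bytes")
    # Zero padding of unused data bytes is an assumption.
    return struct.pack("!BBB13s", VERSION, REQUEST_TYPES[req_type], counter & 0xFF, data)

def parse_request(raw: bytes):
    """Validate length, version and type before any field is trusted."""
    if len(raw) != HEADER_LEN:
        raise ValueError("request must be exactly 16 bytes")
    version, code, counter, data = struct.unpack("!BBB13s", raw)
    if version != VERSION or code not in TYPE_NAMES:
        raise ValueError("unsupported version or unknown request type")
    return TYPE_NAMES[code], counter, data

def send_message_request(counter: int, to_phone: str, payload_len: int) -> bytes:
    """SendMessage data: 8-byte recipient phone + 4-byte length (big-endian assumed)."""
    return pack_request("SendMessage", counter,
                        encode_phone(to_phone) + struct.pack("!I", payload_len))

if __name__ == "__main__":
    req = send_message_request(5, "0541234567", 300)   # constructed sample values
    print(req.hex(), parse_request(req))
```

The parser rejects short, long, wrong-version and unknown-type requests before the data field is interpreted, so a malformed phone field or length never reaches later handling.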

Encryption and hashes used:

  • Public keys: RSA-1024 (can be of somewhat arbitrary length)
  • Hashes: SHA3-256
  • Symmetric keys: AES-CFB-256 with PKCS7 padding (when needed, as most things are made to fit in 1 block)