RustyStriker/online_security_project
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
online_security_project/protocol.md

59 lines
2.1 KiB
Markdown
Raw Blame History

# The Protocol
### Key Derivation Function
doesnt seem to be any reason to use a key derivation function.
## Registration:
- User sends a `Register` requset giving them a public key and encrypting using the server's public key
- Server sends the user a `VerificationRequired` (not in current code, as the 6 digit code does that for now) message & a 6-digit code (Secure channel)
- User sends the server a `ConfirmRegister` with the 6-digit code, signed using the key provided at previous stage
- Server verifies the signature and code, and if both are valid it sends a last `Confirm` and the registration process is done
## Login
Login is done by a challenge, the user sends a `Login` request, the server sends a random block of 16 bytes for the user to sign,
then the server validates the signature with the known saved key.
## Passing messages
In order to send a message from A to B, A will ask the server for B's key,
A will then encrypt the message using B's key, append a signature, and send a `SendMessage`
request with the payload having the structure of `Enc_b(Message object) + Signature_A(Message object)`.
The server will hold on to the message until B will send a `GetMessages` request
to the server.
## Requests
- Register:
data: Phone - 8 bytes, RSA key size (payload length) - 2 bytes
- ConfirmRegister (signed & encrypted 6 digit code)
data: 6 bytes for the 6 digit code, 4 bytes for signature length
- Login:
data: 8 bytes of user's phone
- ConfirmLogin (signed hash):
data: hash length
- GetMessages:
data: EMPTY
- GetUserKey:
extra data: 8 bytes (4 bits per digit) of whoever we want to get the key of
- SendMessage:
extra data: 8 bytes (4 bits per digit) of who to send the data, 4 bytes (32bit) for length in bytes
I think it all can go into a:
```
{
Version byte (0) - 1 byte,
RequestType - 1 byte,
looping counter - 1 byte,
data - up to 13,
} = 16 bytes = 128 bits
```
Encryption and Hashes used:
public keys: RSA-1024 (can be of somewhat arbitrary length)
Hashes: SHA3-256
symmetric keys: AES-CFB-256 with PCKS7 padding (when needed as most stuff are made to fit in 1 block)
Reference in a new issue View git blame Copy permalink