gitea-mirror/rosenpass
1
0
Fork 0
mirror of https://github.com/rosenpass/rosenpass.git synced 2025-12-12 15:49:22 -08:00
Code Issues Packages Projects Releases Wiki Activity

Update whitepaper

Browse Source
This commit is contained in:
Prabhpreet Dua
2024-04-16 15:24:08 +05:30
parent b0a93d6884
commit 6215bc1514
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
papers/whitepaper.md
View File

@@ -219,6 +219,7 @@ The server needs to store the following variables:
* `spkm` * `spkm`
* `biscuit_key` Randomly chosen key used to encrypt biscuits * `biscuit_key` Randomly chosen key used to encrypt biscuits
* `biscuit_ctr` Retransmission protection for biscuits * `biscuit_ctr` Retransmission protection for biscuits
* `cookie_secret`- A randomized cookie secret to derive cookies sent to peer when under load. This secret changes every 120 seconds
Not mandated per se, but required in practice: Not mandated per se, but required in practice:
@@ -244,6 +245,7 @@ The initiator stores the following local state for each ongoing handshake:
* `ck` The chaining key * `ck` The chaining key
* `eski` The initiator's ephemeral secret key * `eski` The initiator's ephemeral secret key
* `epki` The initiator's ephemeral public key * `epki` The initiator's ephemeral public key
* `cookie_value`- Cookie value sent by an initiator peer under load, used to compute cookie field in outgoing handshake to peer under load. This value expires 120 seconds from when a peer sends this value using the CookieReply message
The responder stores no state. While the responder has access to all of the above variables except for `eski`, the responder discards them after generating the RespHello message. Instead, the responder state is contained inside a cookie called a biscuit. This value is returned to the responder inside the InitConf packet. The biscuit consists of: The responder stores no state. While the responder has access to all of the above variables except for `eski`, the responder discards them after generating the RespHello message. Instead, the responder state is contained inside a cookie called a biscuit. This value is returned to the responder inside the InitConf packet. The biscuit consists of: