Security framework: formula for Rhizome 2-way bundle key shared secret #1
Comments
ghost
assigned 
|
My curent thinking is: In manifest: 2WAYBK=<(bundle key XOR (first 256 bits of sha512(BID ## shared secret of the two SIDs)))> For anonymously supplied bundles, the creator would roll a disposable SID, and use that to create the 2WAYBK, and then entirely forget the disposable SID. They would then have repudiability, while still allowing the recipient to modify (e.g., null and/or expire the bundle once received). Cost would be 2x32bytes for the two SIDs. The 2WAYBK itself would be no longer than a regular BK. It may make sense to sill use the BK field, instead of have 2WAYBK, as the parties could easily verify if they can obtain the private key for the bundle, and this would prevent disclosure to 3rd parties as to whether the recipient can modify the bundle. Or perhaps if CREATOR and RECIPIENT are both specified, then we should always use a 2WAYBK by convention. |
The formula for producing the shared secret (SS) used in the Rhizome 2-way bundle key (2WAYBK) is not yet specified in the Serval Security Framework document.
Anonymous transmission of stats bundles from the field back to Serval HQ (see servalproject/serval-dna#38) will depend on the 2WAYBK. Such bundles must be signed using a 2-way bundle key created from a throw-away private-public key pair and the well-known Serval HQ public key that will be built into the software. Then the originator of the bundle cannot ever be proven (and the originator cannot revise it either), but Serval HQ can delete the bundle once it has been received (by publishing a new version with zero size), which should erase that bundle from all nodes that carried it.
The text was updated successfully, but these errors were encountered: