
[lsd0001] branch master updated: use different concatenation operator


From: gnunet
Subject: [lsd0001] branch master updated: use different concatenation operator
Date: Wed, 09 Feb 2022 08:53:28 +0100

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository lsd0001.

The following commit(s) were added to refs/heads/master by this push:
     new 258b24f  use different concatenation operator
258b24f is described below

commit 258b24fa760bedd320d74f7c4f7ccd45d96bc686
Author: Martin Schanzenbach <schanzen@gnunet.org>
AuthorDate: Wed Feb 9 08:53:24 2022 +0100

    use different concatenation operator
---
 draft-schanzen-gns.xml | 44 +++++++++++++++++++++++---------------------
 1 file changed, 23 insertions(+), 21 deletions(-)

diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 961ee7d..6c7af70 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -506,8 +506,8 @@ Value       Symbol            Symbol
          For the string representation of a zTLD we define:
        </t>
        <artwork name="" type="" align="left" alt=""><![CDATA[
-zkl := GNSBase32Encode(ztype|zkey)
-ztype|zkey := GNSBase32Decode(zkl)
+zkl := GNSBase32Encode(ztype||zkey)
+ztype||zkey := GNSBase32Decode(zkl)
     ]]></artwork>
        <t>
          If zkl is less than 63 characters, it can directly be
@@ -515,7 +515,7 @@ ztype|zkey := GNSBase32Decode(zkl)
          If zkl is longer than 63 characters, the
          zTLD is constructed by dividing zkl into smaller labels separated by 
the
          label separator ".".
-         Here, the most significant bytes of the "ztype|zkey" concatenation 
must be contained
+         Here, the most significant bytes of the "ztype||zkey" concatenation 
must be contained
          in the rightmost label of the resulting string and the least 
significant
          bytes in the leftmost label of the resulting string. This allows the
          resolver to determine the ztype and zkl length from the rightmost 
label and
@@ -1006,7 +1006,7 @@ zTLD := zkl[126..129].zkl[63..125].zkl[0..62]
 ZKDF-Private(d,label):
   zk := d * G
   PRK_h := HKDF-Extract ("key-derivation", zk)
-  h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
+  h := HKDF-Expand (PRK_h, label || "gns", 512 / 8)
   d' := (h * d) mod L
   return d'
         ]]></artwork>
@@ -1017,7 +1017,7 @@ ZKDF-Private(d,label):
        <artwork name="" type="" align="left" alt=""><![CDATA[
 ZKDF-Public(zk,label)
   PRK_h := HKDF-Extract ("key-derivation", zk)
-  h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
+  h := HKDF-Expand (PRK_h, label || "gns", 512 / 8)
   zk' := (h mod L) * zk
   return zk'
         ]]></artwork>
@@ -1066,7 +1066,7 @@ S-Encrypt(zk,label,expiration,plaintext):
   PRK_n := HKDF-Extract ("gns-aes-ctx-iv", zk)
   K := HKDF-Expand (PRK_k, label, 256 / 8)
   NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
-  IV := NONCE | expiration | 0x0000000000000001
+  IV := NONCE || expiration || 0x0000000000000001
   return CTR-AES256(K, IV, plaintext)
            ]]></artwork>
        </figure>
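Review bot: The counter literal on the new line `IV := NONCE || expiration || 0x0000000000000001` is written with 16 hex digits, which reads as 64 bits. With the 32-bit NONCE above it, the concatenation exceeds the 128-bit AES counter block if expiration is 64 bits wide; its width is not visible in this hunk. Implementers could truncate or pad differently, so state the field widths next to the concatenation, for example `/* NONCE (32 bit) || expiration (64 bit) || counter (32 bit) */`, and write the literal at the intended width. The same line appears in the S-Decrypt hunk that follows, and the start of S-Encrypt lies outside this hunk.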
@@ -1078,7 +1078,7 @@ S-Decrypt(zk,label,expiration,ciphertext):
   PRK_n := HKDF-Extract ("gns-aes-ctx-iv", zk)
   K := HKDF-Expand (PRK_k, label, 256 / 8)
   NONCE := HKDF-Expand (PRK_n, label, 32 / 8)
-  IV := NONCE | expiration | 0x0000000000000001
+  IV := NONCE || expiration || 0x0000000000000001
   return CTR-AES256(K, IV, ciphertext)
            ]]></artwork>
        </figure>
@@ -1211,12 +1211,12 @@ S-Decrypt(zk,label,expiration,ciphertext):
          <artwork name="" type="" align="left" alt=""><![CDATA[
 ZKDF-Private(d,label):
   a := SHA-512 (d)
-  a[0] &= 248;
-  a[31] &= 127;
-  a[31] |= 64;
+  a[0] &= 248
+  a[31] &= 127
+  a[31] |= 64
   zk := a * G
   PRK_h := HKDF-Extract ("key-derivation", zk)
-  h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
+  h := HKDF-Expand (PRK_h, label || "gns", 512 / 8)
   h[31] &= 7
   a1 := a >> 3
   a2 := (h * a1) mod L
@@ -1230,7 +1230,7 @@ ZKDF-Private(d,label):
          <artwork name="" type="" align="left" alt=""><![CDATA[
 ZKDF-Public(zk,label):
   PRK_h := HKDF-Extract ("key-derivation", zk)
-  h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
+  h := HKDF-Expand (PRK_h, label || "gns", 512 / 8)
   h[31] &= 7
   zk' := h * zk
   return zk'
@@ -1289,21 +1289,21 @@ ZKDF-Public(zk,label):
 SignDerived(d,label,message):
   /* Calculate public key */
   a := SHA-512 (d)
-  a[0] &= 248;
-  a[31] &= 127;
-  a[31] |= 64;
+  a[0] &= 248
+  a[31] &= 127
+  a[31] |= 64
   zk := a * G
 
   /* Calculate blinding factor */
   PRK_h := HKDF-Extract ("key-derivation", zk)
-  h := HKDF-Expand (PRK_h, label | "gns", 512 / 8)
+  h := HKDF-Expand (PRK_h, label || "gns", 512 / 8)
 
   d' := ZKDF-Private(d,label)
   dh := SHA-512 (d)
-  nonce := SHA-256 (dh[32..63] | h)
-  r := SHA-512 (nonce | message)
+  nonce := SHA-256 (dh[32..63] || h)
+  r := SHA-512 (nonce || message)
   R := r * G
-  S := r + SHA-512(R | zk' | message) * d' mod L
+  S := r + SHA-512(R || zk' || message) * d' mod L
   return (R,S)
            ]]></artwork>
          <t>
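Review bot: `zk'` is hashed in `S := r + SHA-512(R || zk' || message) * d' mod L` but is never assigned in SignDerived as shown in this hunk; only `zk` and `d'` are computed. Adding a line such as `zk' := ZKDF-Public(zk,label)` before the nonce computation would make the public key bound into the signature hash unambiguous. The same line also leaves open what `mod L` applies to; `S := (r + SHA-512(R || zk' || message) * d') mod L` removes the doubt.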
@@ -1324,15 +1324,17 @@ VerifyDerived(zk,label,message,signature):
 S-Encrypt(zk,label,expiration,message):
   PRK_k := HKDF-Extract ("gns-xsalsa-ctx-key", zk)
   PRK_n := HKDF-Extract ("gns-xsalsa-ctx-iv", zk)
-  K := HKDF-Expand (PRK_k, label, 256 / 8);
+  K := HKDF-Expand (PRK_k, label, 256 / 8)
   NONCE := HKDF-Expand (PRK_n, label, 128 / 8)
+  IV := NONCE || expiration
   return XSalsa20-Poly1305(K, IV, message)
 
 S-Decrypt(zk,label,expiration,ciphertext):
   PRK_k := HKDF-Extract ("gns-xsalsa-ctx-key", zk)
   PRK_n := HKDF-Extract ("gns-xsalsa-ctx-iv", zk)
-  K := HKDF-Expand (PRK_k, label, 256 / 8);
+  K := HKDF-Expand (PRK_k, label, 256 / 8)
   NONCE := HKDF-Expand (PRK_n, label, 128 / 8)
+  IV := NONCE || expiration
   return XSalsa20-Poly1305(K, IV, ciphertext)
            ]]></artwork>
          <t>
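Review bot: The two added `IV := NONCE || expiration` lines define a value that was previously used without a definition, which is a change to the specification rather than a change of notation, and the commit subject does not mention it. The result is a valid 192-bit XSalsa20 nonce only if expiration is exactly 64 bits, which the pseudocode does not state; a comment such as `/* 128-bit NONCE || 64-bit expiration = 192-bit nonce */` would pin that down. Because K and IV are fully determined by zk, label and expiration, the accompanying text should state that a changed record set under the same label needs a new expiration, since otherwise one key and nonce pair would protect two different plaintexts.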

-- 
To stop receiving notification emails like this one, please contact
gnunet@gnunet.org.


