Skip to content
This repository has been archived by the owner on May 1, 2024. It is now read-only.

source account creation refactor #14

Open
redshiftzero opened this issue May 26, 2021 · 0 comments
Open

source account creation refactor #14

redshiftzero opened this issue May 26, 2021 · 0 comments
Labels
enhancement New feature or request

Comments

@redshiftzero
Copy link
Contributor

Right now in the demo the way that source accounts are created on the server side is still relying on the legacy logic, where the server is generating the codename.

Instead we want to do (open to feedback):

  1. Client side: Generate a passphrase p. The passphrase is 10 diceware words long (how to get the wordlist to the client efficiently?), providing greater than 120 bits of entropy.
  2. Client side: Derive using a KDF two values: p_public, p_private =KDF(p, salt) where salt is a 16-byte random salt.

p_public is used where the existing codename is used in the server code (authentication). p_private will be (eventually) used to encrypt the serialized source session which contains the private parts of their keys.

@redshiftzero redshiftzero added the enhancement New feature or request label May 26, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant