This repository has been archived by the owner on May 1, 2024. It is now read-only.
Right now in the demo the way that source accounts are created on the server side is still relying on the legacy logic, where the server is generating the codename.
Instead we want to do (open to feedback):
Client side: Generate a passphrase p. The passphrase is 10 diceware words long (how to get the wordlist to the client efficiently?), providing greater than 120 bits of entropy.
Client side: Derive two values using a KDF: p_public, p_private = KDF(p, salt), where salt is a 16-byte random salt.
p_public is used where the existing codename is used in the server code (authentication). p_private will be (eventually) used to encrypt the serialized source session which contains the private parts of their keys.
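A sketch of the two client-side steps proposed above, added here as an example and not taken from the issue or the project's code. It assumes scrypt as the KDF (the issue does not name one), a 64-byte output split into two 32-byte halves, and a constructed placeholder wordlist; all function names are hypothetical.

```python
import hashlib
import math
import secrets

# Constructed stand-in for a real 7776-word diceware list (assumption: the
# real list reaches the client some other way; the issue leaves that open).
WORDLIST = [f"word{i:04d}" for i in range(7776)]
PASSPHRASE_WORDS = 10
SALT_BYTES = 16


def passphrase_entropy_bits(n_words=PASSPHRASE_WORDS, list_size=len(WORDLIST)):
    """Entropy of n_words drawn uniformly from a list of list_size words."""
    return n_words * math.log2(list_size)


def generate_passphrase(wordlist=WORDLIST, n_words=PASSPHRASE_WORDS):
    """Pick each word with a CSPRNG; secrets.choice avoids modulo bias."""
    return " ".join(secrets.choice(wordlist) for _ in range(n_words))


def derive_values(passphrase, salt):
    """Return (p_public, p_private), 32 bytes each, from one KDF call."""
    if len(salt) != SALT_BYTES:
        raise ValueError("salt must be 16 bytes")
    # Assumed parameters: scrypt with n=2**14, r=8, p=1 (about 16 MiB).
    okm = hashlib.scrypt(passphrase.encode("utf-8"), salt=salt,
                         n=2**14, r=8, p=1, dklen=64)
    # First half plays the role of the codename (authentication),
    # second half is reserved for encrypting the source session.
    return okm[:32], okm[32:]


if __name__ == "__main__":
    p = generate_passphrase()
    salt = secrets.token_bytes(SALT_BYTES)
    p_public, p_private = derive_values(p, salt)
    print(f"passphrase entropy: {passphrase_entropy_bits():.1f} bits")
    print("p_public:", p_public.hex())  # p_private is never printed or sent
```

Because both halves come from one KDF output keyed by the passphrase, a server that only ever receives p_public cannot compute p_private from it.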