Created
June 17, 2014 15:02
-
-
Save b1naryth1ef/93cdc12471d58d4e2ef6 to your computer and use it in GitHub Desktop.
Clio Authentication System
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Given two nodes, Bob and Amy, Bob initiates a connection and authentication with Amy. | |
| Bob sends a packet (id 1) containing json serialized data of: | |
| { | |
| "ID": 1, | |
| "PublicKey": (Bobs public key), | |
| "NetworkHash": A 32 bit string representing the network ID Bob is on, | |
| "Token": a 32-bit random integer | |
| } | |
| If Amy decides its worth authenticating with Bob (e.g. network id is correct, and the public key is valid) then Amy sends an auth packet (id 2) back containing json serialized data of: | |
| { | |
| "ID": 2, | |
| "PublicKey": (Amys public key), | |
| "Payload": Encrypted and Signed PGP data for Bob, signed with the key above, data is: | |
| { | |
| "T1": The token from Bob's inital packet, | |
| "T2": a new random token | |
| } | |
| } | |
| At this stage, Bob and Amy have completed the handshake and are besties 5ever. They now can communicate in an encrypted and trust-based fashion. At any time, either can decide to provide a new token to use for authentication (by default every subsequent packet provides a new token) | |
| Packet encryption works based off HMAC: FILL ME IN! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment