Start writing protocol spec for olm
This commit is contained in:
parent
41a8fb61af
commit
49c117c62e
1 changed files with 42 additions and 0 deletions
42
docs/olm.rst
Normal file
42
docs/olm.rst
Normal file
|
@ -0,0 +1,42 @@
|
||||||
|
Olm: A Crytographic Ratchet
|
||||||
|
===========================
|
||||||
|
|
||||||
|
An implementation of the cryptographic ratchet described by
|
||||||
|
https://github.com/trevp/axolotl/wiki.
|
||||||
|
|
||||||
|
|
||||||
|
The Olm Algorithm
|
||||||
|
-----------------
|
||||||
|
|
||||||
|
.. figure:: Axolotl.svg
|
||||||
|
|
||||||
|
|
||||||
|
Initial setup
|
||||||
|
~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
The setup takes four Curve25519 inputs: Identity keys for Alice and Bob,
|
||||||
|
:math:`I_A` and :math:`I_B`, and emphemeral keys for Alice and Bob,
|
||||||
|
:math:`E_A` and :math:`E_B`. A shared secret, :math:`S`, is generated using
|
||||||
|
Triple Diffie-Hellman. The initial 256 bit root key, :math:`R_0`, and 256 bit
|
||||||
|
chain key, :math:`C_{0,0}`, are derived from the shared secret using an
|
||||||
|
HMAC-based Key Derivation Function (HKDF).
|
||||||
|
|
||||||
|
.. math::
|
||||||
|
\begin{align}
|
||||||
|
S&=ECDH\left(I_A,\,E_B\right)\;\parallel\;ECDH\left(E_A,\,I_B\right)\;
|
||||||
|
\parallel\;ECDH\left(E_A,\,E_B\right)\\
|
||||||
|
R_0\;\parallel\;C_{0,0}&=HKDF(S,\,\text{"OLM\_ROOT"})
|
||||||
|
\end{align}
|
||||||
|
|
||||||
|
Advancing the root key
|
||||||
|
~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
||||||
|
Advancing a root key takes the previous root key, :math:`R_{i-1}`, and two
|
||||||
|
Curve25519 inputs: The previous ratchet key, :math:`T_{i-1}`, and the current
|
||||||
|
ratchet key :math:`T_{i}`. The even ratchet keys are generated by Alice.
|
||||||
|
The odd ratchet keys are generated by Bob. A shared secret, `S` is generated
|
||||||
|
using Diffie-Hellman on the ratchet keys. The next root key, :math:`R_o`, and
|
||||||
|
chain key, :math:`C_{i,0}`, are derived from the shared secret using an
|
||||||
|
HMAC-based Key Derivation Function (HKDF).
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue