KK variant
- What the client needs to know about the server: the server's public key
- What the server needs to know about the client: the client's public key
This variant is designed to exchange messages between two parties that already know each other's long-term public key. The handshake authenticates each side against the key the other side has stored, so those keys must have been obtained over a trusted channel beforehand: a client that stores the wrong server key, or a server that stores the wrong client key, will simply fail to complete the handshake with the genuine peer, and a key that an attacker was able to substitute would let that attacker be authenticated instead.

Client: generate a long-term key pair

```c
hydro_kx_keypair client_static_kp;
hydro_kx_keygen(&client_static_kp);
```
Server: generate a long-term key pair

```c
hydro_kx_keypair server_static_kp;
hydro_kx_keygen(&server_static_kp);
```
Client: initiate a key exchange

```c
hydro_kx_state st_client;
hydro_kx_kk_1(&st_client, packet1, server_static_kp.pk, &client_static_kp);
```
Server: process the initial request from the client, and compute the session keys

```c
hydro_kx_session_keypair session_kp;
if (hydro_kx_kk_2(&session_kp, packet2, packet1, client_static_kp.pk, &server_static_kp) != 0) {
    // abort: packet1 was not produced by the expected client, or was modified in transit
}
// Done! session_kp.tx is the key for sending data to the client,
// and session_kp.rx is the key for receiving data from the client.
```
Client: process the server packet and compute the session keys

```c
hydro_kx_session_keypair session_kp;
if (hydro_kx_kk_3(&st_client, &session_kp, packet2, &client_static_kp) != 0) {
    // abort: packet2 was not produced by the expected server, or was modified in transit
}
// Done! session_kp.tx is the key for sending data to the server,
// and session_kp.rx is the key for receiving data from the server.
// The session keys are the same as those computed by the server, but swapped:
// the client's tx key is the server's rx key, and vice versa.
```
Annex: declarations
```c
uint8_t packet1[hydro_kx_KK_PACKET1BYTES];
uint8_t packet2[hydro_kx_KK_PACKET2BYTES];
```
```c
void hydro_kx_keygen(hydro_kx_keypair *static_kp);
```

The `hydro_kx_keygen()` function generates a long-term key pair. `static_kp->pk` contains the public key (`hydro_kx_PUBLICKEYBYTES` bytes) and `static_kp->sk` contains the secret key (`hydro_kx_SECRETKEYBYTES` bytes).

These long-term keys can be reused indefinitely. Rotating them from time to time is nevertheless highly recommended, to limit the damage if a secret key is ever leaked: whoever holds a party's long-term secret key can complete this handshake as that party.
```c
int hydro_kx_kk_1(hydro_kx_state *state, uint8_t packet1[hydro_kx_KK_PACKET1BYTES],
                  const uint8_t peer_static_pk[hydro_kx_PUBLICKEYBYTES],
                  const hydro_kx_keypair *static_kp);
```

The `hydro_kx_kk_1()` function is called by a client initiating a connection. It initializes the local state `state`, generates an ephemeral key pair, and writes the first packet to send to the server into `packet1`. `peer_static_pk` is the server's long-term public key, which the client must already know. `state` holds the client's ephemeral secret key and must be kept, unmodified, until `hydro_kx_kk_3()` has been called.
```c
int hydro_kx_kk_2(hydro_kx_session_keypair *kp, uint8_t packet2[hydro_kx_KK_PACKET2BYTES],
                  const uint8_t packet1[hydro_kx_KK_PACKET1BYTES],
                  const uint8_t peer_static_pk[hydro_kx_PUBLICKEYBYTES],
                  const hydro_kx_keypair *static_kp);
```

The `hydro_kx_kk_2()` function has to be called by the server after the client's request `packet1` has been received. `peer_static_pk` is the client's long-term public key, which the server must already know.

It validates the request, generates an ephemeral key pair, derives the session keys into `kp` (`kp->tx` and `kp->rx`, `hydro_kx_SESSIONKEYBYTES` bytes each), and writes the packet to send to the client into `packet2`. The function returns a non-zero value if `packet1` was not produced by the holder of `peer_static_pk` for this server's key, or was modified in transit; in that case `packet2` must not be sent and the session keys must not be used. The server keeps no handshake state: everything it needs is done in this single call.
```c
int hydro_kx_kk_3(hydro_kx_state *state, hydro_kx_session_keypair *kp,
                  const uint8_t packet2[hydro_kx_KK_PACKET2BYTES],
                  const hydro_kx_keypair *static_kp);
```

The `hydro_kx_kk_3()` function has to be called by the client after `packet2` has been received from the server, with the same `state` that `hydro_kx_kk_1()` filled in.

It validates the packet and derives the session keys into `kp` (`kp->tx` and `kp->rx`, `hydro_kx_SESSIONKEYBYTES` bytes each). The function returns a non-zero value if `packet2` was not produced by the server whose public key was given to `hydro_kx_kk_1()`, or was modified in transit; in that case the session keys must not be used.