-
Notifications
You must be signed in to change notification settings - Fork 112
KK variant
- What the client needs to know about the server: the server's public key
- What the server needs to know about the client: the client's public key
This variant is designed to exchange messages between two parties that already know each other's public key.
Client: generate a long-term key pair
hydro_kx_keypair client_static_kp;
hydro_kx_keygen(&client_static_kp);Server: generate a long-term key pair
hydro_kx_keypair server_static_kp;
hydro_kx_keygen(&server_static_kp);Client: initiate a key exchange
hydro_kx_state st_client;
hydro_kx_kk_1(&st_client, packet1, server_static_kp.pk, &client_static_kp);Server: process the initial request from the client, and compute the session keys
hydro_kx_session_keypair session_kp;
if (hydro_kx_kk_2(&session_kp, packet2, packet1,
client_static_kp.pk, &server_static_kp) != 0) {
// abort
}
// Done! session_kp.tx is the key for sending data to the client,
// and session_kp.rx is the key for receiving data from the client.Client: process the server packet and compute the session keys
hydro_kx_session_keypair session_kp;
if (hydro_kx_kk_3(&st_client, &session_kp, packet2, &client_static_kp) != 0) {
// abort
}
// Done! session_kp.tx is the key for sending data to the server,
// and session_kp.rx is the key for receiving data from the server.
// The session keys are the same as those computed by the server, but swapped.Annex: declarations
uint8_t packet1[hydro_kx_KK_PACKET1BYTES];
uint8_t packet2[hydro_kx_KK_PACKET2BYTES];void hydro_kx_keygen(hydro_kx_keypair *static_kp);The hydro_kx_keygen() function generates a long-term key pair.
kp->pk contains the public key (hydro_kx_PUBLICKEYBYTES bytes) and kp->sk contains the secret key (hydro_kx_SECRETKEYBYTES bytes).
These long-term keys can be reused indefinitely, even though rotating them from time to time is highly recommended in case the secret key ever gets leaked.
int hydro_kx_kk_1(hydro_kx_state *state, uint8_t packet1[hydro_kx_KK_PACKET1BYTES],
const uint8_t peer_static_pk[hydro_kx_PUBLICKEYBYTES],
const hydro_kx_keypair *static_kp);The hydro_kx_kk_1() function is called by a client initiating a connection. It initializes the local state state, computes an ephemeral key pair, and puts the first packet to send to the server into packet1.
int hydro_kx_kk_2(hydro_kx_session_keypair *kp, uint8_t packet2[hydro_kx_KK_PACKET2BYTES],
const uint8_t packet1[hydro_kx_KK_PACKET1BYTES],
const uint8_t peer_static_pk[hydro_kx_PUBLICKEYBYTES],
const hydro_kx_keypair *static_kp);The hydro_kx_kk_2() function has to be called by the server after a client request packet1 has been received.
It validates the request, computes an ephemeral key pair, puts it into kp, and stores the packet to send to the client into packet2.
int hydro_kx_kk_3(hydro_kx_state *state, hydro_kx_session_keypair *kp,
const uint8_t packet2[hydro_kx_KK_PACKET2BYTES],
const hydro_kx_keypair *static_kp);The hydro_kx_kk_3() function has to be called by the client after having received the packet from the server, packet2.
It validates the packet, computes the shared session key and puts it into kp.