Key Hierarchy
How do the various cryptographic keys relate to each other?
```mermaid
flowchart TB
    subgraph Attestant
        ASK{{AttestantSigningKeys}}
        AVK[AttestantVerifyingKeys]
    end
    subgraph Shared["Shared Keys"]
        SSEK{{SharedSecretKeys}}
        SPK[SharedPublicKeys]
        SSIK{{SharedSigningKeys}}
        SVK[SharedVerifyingKeys]
    end
    subgraph Server["Server Node"]
        SNSK[ServerNodeSecretKey]
        Params[Params]
    end
    ReachablePeer -->|holds| Shared
    Server -->|stores| Shared
    subgraph ReachablePeer["Reachable Peer"]
        RPSIK[ReachableSigningKeys]
        RPVK[ReachableVerifyingKeys]
        RPSEK[ReachableSecretKeys]
        RPPK[ReachablePublicKeys]
    end
    Attestant -->|generates| SNSK
    Attestant -->|generates| SSEK
    Attestant -->|generates| SSIK
    SSEK -->|includes public key for| SNSK
    ASK -.->|derives| AVK
    ASK -->|signs| SSEK
    ASK -->|signs| SSIK
    ASK -->|signs| Params
    ASK -->|signs| RPVK
    AVK -->|verifies| RPVK
    RPSIK -.->|derives| RPVK
    RPSIK -->|signs| RPPK
    RPSEK -.->|derives| RPPK
    RPVK -->|verifies| RPPK
    SSEK -.->|derives| SPK
    SSIK -.->|derives| SVK
    SVK -->|verifies replies from| ReachablePeer
    SPK -->|+ ServerNodeSecretKey, seals MessageVaultId/EnvelopeId to| ReachablePeer
    SSEK -->|unseals SealedMessageVaultId/SealedEnvelopeId for| ReachablePeer
```
```mermaid
flowchart TB
    subgraph ReachingUser["Reaching User"]
        Pass([Passphrase])
        RUSIK[ReachingSigningKeys]
        RUVK[ReachingVerifyingKeys]
        RUSEK_CURRENT["ReachingSecretKeys (current epoch)"]
        RUSEK_PREVIOUS["ReachingSecretKeys (previous epoch)"]
        RUPK[ReachingPublicKeys]
    end
    Pass -->|+ Params.reaching_static_salt, derives| RUSIK
    Pass -->|+ Params.reaching_current_epoch_salt, derives| RUSEK_CURRENT
    Pass -->|+ Params.reaching_previous_epoch_salt, derives| RUSEK_PREVIOUS
    RUSIK -.->|derives| RUVK
    RUSEK_CURRENT -.->|derives| RUPK
    RUSIK -->|signs| RUPK
    RUVK -->|verifies| RUPK
```
Key Relationships
Trust Chain
- AttestantSigningKeys act as the root of trust
- Attestant signs ReachableVerifyingKeys to enroll peers
- ReachableVerifyingKeys sign ReachablePublicKeys
- SharedVerifyingKeys verify replies from Reachable Peers to Reaching Users
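
How a verifier holding only AttestantVerifyingKeys can walk this chain down to a peer's ReachablePublicKeys, as an added example that is not the project's own code. It assumes Ed25519 signatures and raw-byte key encodings, and the names `Enrollment`, `tagged`, `VerifyChain`, `enroll`, `demoChain` and the `RPVK`/`RPPK` labels are hypothetical; the labels keep an Attestant signature over one object type from being accepted for another.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Assumptions: Ed25519, raw-byte key encodings and the labels below; the page
// names the keys but not the algorithms or wire formats.
type Enrollment struct { // hypothetical bundle a Reachable Peer presents
	ReachableVerifyingKey ed25519.PublicKey // signed by AttestantSigningKeys
	AttestantSig          []byte
	ReachablePublicKey    []byte // signed by ReachableSigningKeys
	PeerSig               []byte
}

// tagged domain-separates signatures, since one Attestant key signs several object types.
func tagged(label string, data []byte) []byte {
	return append([]byte(label+"\x00"), data...)
}

// VerifyChain checks root -> ReachableVerifyingKeys -> ReachablePublicKeys.
func VerifyChain(attestantVK ed25519.PublicKey, e Enrollment) bool {
	if len(attestantVK) != ed25519.PublicKeySize || len(e.ReachableVerifyingKey) != ed25519.PublicKeySize {
		return false // ed25519.Verify panics on wrong-size keys
	}
	if !ed25519.Verify(attestantVK, tagged("RPVK", e.ReachableVerifyingKey), e.AttestantSig) {
		return false // peer was not enrolled by this Attestant
	}
	return ed25519.Verify(e.ReachableVerifyingKey, tagged("RPPK", e.ReachablePublicKey), e.PeerSig)
}

// enroll builds a constructed enrollment under the given root signing key.
func enroll(rootSK ed25519.PrivateKey) Enrollment {
	peerVK, peerSK, _ := ed25519.GenerateKey(rand.Reader)
	encPK := make([]byte, 32) // constructed stand-in for ReachablePublicKeys
	rand.Read(encPK)
	return Enrollment{peerVK, ed25519.Sign(rootSK, tagged("RPVK", peerVK)), encPK, ed25519.Sign(peerSK, tagged("RPPK", encPK))}
}

// demoChain: enrolled peer, peer signed by a different root, substituted encryption key.
func demoChain() (valid, rogue, swapped bool) {
	rootVK, rootSK, _ := ed25519.GenerateKey(rand.Reader)
	_, rogueSK, _ := ed25519.GenerateKey(rand.Reader)
	good, bad := enroll(rootSK), enroll(rogueSK)
	mitm := good
	mitm.ReachablePublicKey = make([]byte, 32) // stale PeerSig no longer matches
	return VerifyChain(rootVK, good), VerifyChain(rootVK, bad), VerifyChain(rootVK, mitm)
}
func main() { fmt.Println(demoChain()) } // true false false
```

Only the enrollment signed under the trusted root passes; a peer vouched for by any other key, or an encryption key swapped in after signing, fails at the corresponding link.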
Encryption Keys
| Key | Purpose | Who holds secret |
|---|---|---|
| ReachableSecretKeys | Decrypt Envelope/MessageVault addressed to reachable peer | Individual Reachable Peer |
| ReachingSecretKeys | Decrypt Envelope/MessageVault addressed to reaching user | Derived from memorized passphrase |
| ServerNodeSecretKey/SharedPublicKeys | Seal MessageVaultId/EnvelopeId for reachable peer | Server Node |
| SharedSecretKeys | Decrypt SealedEnvelopeId/SealedMessageVaultId sent by server | All Reachable Peers |