specs icon indicating copy to clipboard operation
specs copied to clipboard

Published 20 hours ago verified publisher icon ipfs

Linked-Data Key (Previously Multikey)

Open Kubuxu opened this issue 8 years ago • 32 comments

I didn't see any specs for multikey so here are my notes what I'd love to see in it and how it could look.

We need a way to represent key types but also how are those keys stored, for example password they might protected. As keys might be getting much bigger (QC and hash based signature crypto) we also need a way to express keys bigger than 256 bytes. There are three options for that:

  • use two bytes for size (64KiB = 524Kibit)
  • use one byte multiplied by 4 (1KiB = 8Kibit)
  • use two bytes multiplied by 4 (256KiB = 2Mibit)

(maybe something even bigger). Each of them hash its pros and cons.

As format goes I would see it as:

[key protection schema+key type][crypto type][size][protected key]

First byte in 3 lower bits would include information if it is public, private or secret key (3bits = 8 values, rest left for future) and in 5 higher bits it would include information about how the key was protected, for example: no protection, scrypt+AES256, scrypt+salsa20, pure AES and so on.

Next byte would point onto crypto schema of key itself, it would depend on key type.

In case of symmetric key it might be AES128, AES256, salsa20. In case of private and public for example RSA1024, RSA2048, ed25519, curve25519, ECDSA.

Questions:

  • [x] - ~~ in case of public/private keys not all of them are suited for both signing and encryption. Should we have key types for such keys. How about two cryptos being used in pair, example : ed25519+curve25519 (one is suited for signing and one for encrypting), should we have crypto key type or just have two keys in full multikey wrapping? ~~ no longer a problem as for ed25519 <-> curve25519 public key conversion
  • [ ] - were should be designation of Hash-based message authentication codes placed (probably as symmetric but then we have symmetric keys that some are suited for encryption and some signing)
  • [ ] - list of protection schemes and cryptos to include in initial spec.

Edit: Point of key protection schema is to allow sending for example password protected private keys. In case that just exchange of public keys took place, no-protection schema should be expected.

Kubuxu avatar Jan 02 '16 20:01 Kubuxu