qaul.net icon indicating copy to clipboard operation
qaul.net copied to clipboard

Published 20 hours ago verified publisher icon qaul

qaul Security Number

Open MathJud opened this issue 3 years ago • 0 comments
trafficstars

To verify the public keys of the users, create a security number, analog as the Signal messenger does it.

Info & Questions

  • Signal blog
    • https://signal.org/blog/safety-number-updates/
    • Security Number: 12 Groups of 5 Digits (= 12*2Bytes = 24bytes)
  • SHA-512 hash iterated 5200 times
    • https://security.stackexchange.com/questions/195761/why-iterate-5200-times-when-computing-safety-numbers-in-signal

Algorithm

  • Order the two public keys
    • smaller key & higher key
  • create SHA-512 hash over the keys:
    • repeat step for 5200 times of this hash result
      • add the public keys each time to the hash result and create a new hash-512 out of it.
    • do this operation in an own async thread
  • convert hash to number blocks:
    • still to discuss
    • most probably: in bytes & as a string.

RPC Communication

router/users.proto

SecurityNumberRequest

  • User ID for the user of which we want the security number

SecurityNumberResponse

  • user ID
  • security number

MathJud avatar Sep 08 '22 07:09 MathJud