[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[lsd0001] branch master updated: add still failty revocation block
From: |
gnunet |
Subject: |
[lsd0001] branch master updated: add still failty revocation block |
Date: |
Mon, 17 Feb 2020 18:14:02 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository lsd0001.
The following commit(s) were added to refs/heads/master by this push:
new dc47b55 add still failty revocation block
dc47b55 is described below
commit dc47b550abd472b28e1fe47dd51a8123a753fd1a
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Mon Feb 17 18:10:07 2020 +0100
add still failty revocation block
---
draft-schanzen-gns.html | 78 +++++++++++++++++++++++++++++++++++++++----
draft-schanzen-gns.txt | 88 ++++++++++++++++++++++++++++++++++++++++---------
draft-schanzen-gns.xml | 79 +++++++++++++++++++++++++++++++++++++++-----
3 files changed, 215 insertions(+), 30 deletions(-)
diff --git a/draft-schanzen-gns.html b/draft-schanzen-gns.html
index 81923c6..1ed4743 100644
--- a/draft-schanzen-gns.html
+++ b/draft-schanzen-gns.html
@@ -2462,7 +2462,7 @@ table {
128 / 8)
ALTERNATIVE:
PRK := HKDF-Extract ("gnunet-proof-of-work-iv", K)
- IV := HKDF-Expand (PRK, "gnunet-revocation-proof-of-work", 128 / 8);
+ IV := HKDF-Expand (PRK, "gnunet-revocation-proof-of-work", 256 / 8);
</pre>
</div>
@@ -2486,16 +2486,82 @@ table {
</div>
<figcaption><a href="#figure-18" class="selfRef">Figure
18</a></figcaption></figure>
<p id="section-7-15">
- The above EREV data object is again derived using the scrypt algorithm.
- The proof of work is complete, if the following inequality holds:<a
href="#section-7-15" class="pilcrow">¶</a></p>
+ The above EREV data object is again derived using the scrypt
algorithm.
+ The proof of work is complete, if the following inequality holds:<a
href="#section-7-15" class="pilcrow">¶</a></p>
<figure id="figure-19">
<div class="artwork art-text alignLeft" id="section-7-16.1">
<pre>
- scrypt(P := EREV) < 2^(39)-1
+ POW := scrypt(P := EREV) < 2^(39)-1
</pre>
</div>
<figcaption><a href="#figure-19" class="selfRef">Figure
19</a></figcaption></figure>
+<p id="section-7-17">
+ In order to prove ownership over the revoked zone, the owner
calculates
+ a signature over the following data:<a href="#section-7-17"
class="pilcrow">¶</a></p>
+<div id="figure_revocationdata">
+<figure id="figure-20">
+ <div class="artwork art-text alignLeft" id="section-7-18.1">
+<pre>
+ 0 8 16 24 32 40 48 56
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | SIGNATURE |
+ | |
+ | |
+ | |
+ | |
+ | |
+ | |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | SIZE | PURPOSE |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | PUBLIC KEY |
+ | |
+ | |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | POW |
+ +-----------------------------------------------+
+ </pre>
+</div>
+<figcaption><a href="#figure-20" class="selfRef">Figure
20</a></figcaption></figure>
+</div>
+<p id="section-7-19">where:<a href="#section-7-19" class="pilcrow">¶</a></p>
+<dl class="dlParallel" id="section-7-20">
+ <dt id="section-7-20.1">SIGNATURE</dt>
+<dd id="section-7-20.2">
+ A 512-bit ECDSA deterministic signature compliant with
+ <span>[<a href="#RFC6979" class="xref">RFC6979</a>]</span>. The
signature is computed over the data
+ following the SIZE, PURPOSE and PUBLIC KEY fields.
+ The signature is created using the private zone key "d" (see
+ <a href="#zones" class="xref">Section 2</a>).<a
href="#section-7-20.2" class="pilcrow">¶</a>
+</dd>
+<dt id="section-7-20.3">SIZE</dt>
+<dd id="section-7-20.4">
+ A 32-bit value containing the length of the signed data in network
+ byte order.<a href="#section-7-20.4" class="pilcrow">¶</a>
+</dd>
+<dt id="section-7-20.5">PURPOSE</dt>
+<dd id="section-7-20.6">
+ A 32-bit signature purpose flag. This field MUST be 3 (in network
+ byte order).<a href="#section-7-20.6" class="pilcrow">¶</a>
+</dd>
+<dt id="section-7-20.7">PUBLIC KEY</dt>
+<dd id="section-7-20.8">
+ is the 256-bit public key "zk" of the zone which is being revoked
and
+ the key to be used to verify SIGNATURE. The
+ wire format of this value is defined in <span>[<a href="#RFC8032"
class="xref">RFC8032</a>]</span>,
+ Section 5.1.5.<a href="#section-7-20.8" class="pilcrow">¶</a>
+</dd>
+<dt id="section-7-20.9">POW</dt>
+<dd id="section-7-20.10">
+ The value of the proof of work.<a href="#section-7-20.10"
class="pilcrow">¶</a>
+</dd>
+</dl>
+<p id="section-7-21">
+ The resulting block may now be published and disseminated. The
concrete
+ dissemination and publication methods are out of scope of this
document.<a href="#section-7-21" class="pilcrow">¶</a></p>
</section>
</div>
<div id="governance">
@@ -2618,7 +2684,7 @@ The registry shall record for each entry:<a
href="#section-10-1" class="pilcrow"
Served", as described in <span>[<a href="#RFC8126"
class="xref">RFC8126</a>]</span>.
IANA is requested to populate this registry as follows:<a
href="#section-10-3" class="pilcrow">¶</a></p>
<div id="figure_rrtypenums">
-<figure id="figure-20">
+<figure id="figure-21">
<div class="artwork art-text alignLeft" id="section-10-4.1">
<pre>
Number | Type | Contact | References
@@ -2632,7 +2698,7 @@ The registry shall record for each entry:<a
href="#section-10-1" class="pilcrow"
FIXME We have a lot more?
</pre>
</div>
-<figcaption><a href="#figure-20" class="selfRef">Figure
20</a></figcaption></figure>
+<figcaption><a href="#figure-21" class="selfRef">Figure
21</a></figcaption></figure>
</div>
</section>
</div>
diff --git a/draft-schanzen-gns.txt b/draft-schanzen-gns.txt
index 6d41ad3..da7a12f 100644
--- a/draft-schanzen-gns.txt
+++ b/draft-schanzen-gns.txt
@@ -85,12 +85,12 @@ Table of Contents
6.2.5. VPN . . . . . . . . . . . . . . . . . . . . . . . . . 18
6.2.6. NICK . . . . . . . . . . . . . . . . . . . . . . . . 19
7. Zone Revocation . . . . . . . . . . . . . . . . . . . . . . . 19
- 8. Determining the Root Zone and Zone Governance . . . . . . . . 22
- 9. Security Considerations . . . . . . . . . . . . . . . . . . . 23
- 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
- 11. Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . 24
- 12. Normative References . . . . . . . . . . . . . . . . . . . . 26
- Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27
+ 8. Determining the Root Zone and Zone Governance . . . . . . . . 23
+ 9. Security Considerations . . . . . . . . . . . . . . . . . . . 24
+ 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 24
+ 11. Test Vectors . . . . . . . . . . . . . . . . . . . . . . . . 25
+ 12. Normative References . . . . . . . . . . . . . . . . . . . . 27
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 28
1. Introduction
@@ -1142,7 +1142,7 @@ Internet-Draft The GNU Name System
November 2019
128 / 8)
ALTERNATIVE:
PRK := HKDF-Extract ("gnunet-proof-of-work-iv", K)
- IV := HKDF-Expand (PRK, "gnunet-revocation-proof-of-work", 128 /
8);
+ IV := HKDF-Expand (PRK, "gnunet-revocation-proof-of-work", 256 /
8);
Figure 17
@@ -1165,7 +1165,7 @@ Internet-Draft The GNU Name System
November 2019
algorithm. The proof of work is complete, if the following
inequality holds:
- scrypt(P := EREV) < 2^(39)-1
+ POW := scrypt(P := EREV) < 2^(39)-1
Figure 19
@@ -1175,6 +1175,62 @@ Internet-Draft The GNU Name System
November 2019
Schanzenbach, et al. Expires 13 May 2020 [Page 21]
+Internet-Draft The GNU Name System November 2019
+
+
+ In order to prove ownership over the revoked zone, the owner
+ calculates a signature over the following data:
+
+ 0 8 16 24 32 40 48 56
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | SIGNATURE |
+ | |
+ | |
+ | |
+ | |
+ | |
+ | |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | SIZE | PURPOSE |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | PUBLIC KEY |
+ | |
+ | |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | POW |
+ +-----------------------------------------------+
+
+ Figure 20
+
+ where:
+
+ SIGNATURE A 512-bit ECDSA deterministic signature compliant with
+ [RFC6979]. The signature is computed over the data following the
+ SIZE, PURPOSE and PUBLIC KEY fields. The signature is created
+ using the private zone key "d" (see Section 2).
+
+ SIZE A 32-bit value containing the length of the signed data in
+ network byte order.
+
+ PURPOSE A 32-bit signature purpose flag. This field MUST be 3 (in
+ network byte order).
+
+ PUBLIC KEY is the 256-bit public key "zk" of the zone which is being
+ revoked and the key to be used to verify SIGNATURE. The wire
+ format of this value is defined in [RFC8032], Section 5.1.5.
+
+ POW The value of the proof of work.
+
+ The resulting block may now be published and disseminated. The
+ concrete dissemination and publication methods are out of scope of
+ this document.
+
+
+
+Schanzenbach, et al. Expires 13 May 2020 [Page 22]
+
Internet-Draft The GNU Name System November 2019
@@ -1229,7 +1285,7 @@ Internet-Draft The GNU Name System
November 2019
-Schanzenbach, et al. Expires 13 May 2020 [Page 22]
+Schanzenbach, et al. Expires 13 May 2020 [Page 23]
Internet-Draft The GNU Name System November 2019
@@ -1285,7 +1341,7 @@ Internet-Draft The GNU Name System
November 2019
-Schanzenbach, et al. Expires 13 May 2020 [Page 23]
+Schanzenbach, et al. Expires 13 May 2020 [Page 24]
Internet-Draft The GNU Name System November 2019
@@ -1300,7 +1356,7 @@ Internet-Draft The GNU Name System
November 2019
65541 | BOX | N/A | [This.I-D]
FIXME We have a lot more?
- Figure 20
+ Figure 21
11. Test Vectors
@@ -1341,7 +1397,7 @@ Internet-Draft The GNU Name System
November 2019
-Schanzenbach, et al. Expires 13 May 2020 [Page 24]
+Schanzenbach, et al. Expires 13 May 2020 [Page 25]
Internet-Draft The GNU Name System November 2019
@@ -1397,7 +1453,7 @@ Internet-Draft The GNU Name System
November 2019
-Schanzenbach, et al. Expires 13 May 2020 [Page 25]
+Schanzenbach, et al. Expires 13 May 2020 [Page 26]
Internet-Draft The GNU Name System November 2019
@@ -1453,7 +1509,7 @@ Internet-Draft The GNU Name System
November 2019
-Schanzenbach, et al. Expires 13 May 2020 [Page 26]
+Schanzenbach, et al. Expires 13 May 2020 [Page 27]
Internet-Draft The GNU Name System November 2019
@@ -1509,7 +1565,7 @@ Authors' Addresses
-Schanzenbach, et al. Expires 13 May 2020 [Page 27]
+Schanzenbach, et al. Expires 13 May 2020 [Page 28]
Internet-Draft The GNU Name System November 2019
@@ -1565,4 +1621,4 @@ Internet-Draft The GNU Name System
November 2019
-Schanzenbach, et al. Expires 13 May 2020 [Page 28]
+Schanzenbach, et al. Expires 13 May 2020 [Page 29]
diff --git a/draft-schanzen-gns.xml b/draft-schanzen-gns.xml
index 9bf1201..49ed467 100644
--- a/draft-schanzen-gns.xml
+++ b/draft-schanzen-gns.xml
@@ -1205,7 +1205,7 @@
128 / 8)
ALTERNATIVE:
PRK := HKDF-Extract ("gnunet-proof-of-work-iv", K)
- IV := HKDF-Expand (PRK, "gnunet-revocation-proof-of-work", 128 / 8);
+ IV := HKDF-Expand (PRK, "gnunet-revocation-proof-of-work", 256 / 8);
]]></artwork>
</figure>
@@ -1226,18 +1226,81 @@
AES(K[32:63], IV[0:15], REV))
]]></artwork>
- </figure>
- <t>
- The above EREV data object is again derived using the scrypt algorithm.
- The proof of work is complete, if the following inequality holds:
- </t>
-
+ </figure>
+ <t>
+ The above EREV data object is again derived using the scrypt
algorithm.
+ The proof of work is complete, if the following inequality holds:
+ </t>
<figure>
<artwork name="" type="" align="left" alt=""><![CDATA[
- scrypt(P := EREV) < 2^(39)-1
+ POW := scrypt(P := EREV) < 2^(39)-1
]]>
</artwork>
</figure>
+ <t>
+ In order to prove ownership over the revoked zone, the owner
calculates
+ a signature over the following data:
+ </t>
+ <figure anchor="figure_revocationdata">
+ <artwork name="" type="" align="left" alt=""><![CDATA[
+ 0 8 16 24 32 40 48 56
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | SIGNATURE |
+ | |
+ | |
+ | |
+ | |
+ | |
+ | |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | SIZE | PURPOSE |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | PUBLIC KEY |
+ | |
+ | |
+ | |
+ +-----+-----+-----+-----+-----+-----+-----+-----+
+ | POW |
+ +-----------------------------------------------+
+ ]]></artwork>
+ </figure>
+ <t>where:</t>
+ <dl>
+ <dt>SIGNATURE</dt>
+ <dd>
+ A 512-bit ECDSA deterministic signature compliant with
+ <xref target="RFC6979" />. The signature is computed over the data
+ following the SIZE, PURPOSE and PUBLIC KEY fields.
+ The signature is created using the private zone key "d" (see
+ <xref target="zones" />).
+ </dd>
+ <dt>SIZE</dt>
+ <dd>
+ A 32-bit value containing the length of the signed data in network
+ byte order.
+ </dd>
+ <dt>PURPOSE</dt>
+ <dd>
+ A 32-bit signature purpose flag. This field MUST be 3 (in network
+ byte order).
+ </dd>
+ <dt>PUBLIC KEY</dt>
+ <dd>
+ is the 256-bit public key "zk" of the zone which is being revoked
and
+ the key to be used to verify SIGNATURE. The
+ wire format of this value is defined in <xref target="RFC8032" />,
+ Section 5.1.5.
+ </dd>
+ <dt>POW</dt>
+ <dd>
+ The value of the proof of work.
+ </dd>
+ </dl>
+ <t>
+ The resulting block may now be published and disseminated. The
concrete
+ dissemination and publication methods are out of scope of this
document.
+ </t>
</section>
<section anchor="governance" numbered="true" toc="default">
<name>Determining the Root Zone and Zone Governance</name>
--
To stop receiving notification emails like this one, please contact
address@hidden.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [lsd0001] branch master updated: add still failty revocation block,
gnunet <=