author John M. Schanck <jschanck@securityinnovation.com> 2016-10-14 14:05:18 -0400
committer John M. Schanck <jschanck@securityinnovation.com> 2016-10-14 14:05:18 -0400
commit 8de17fa1b84c59a74178aba57c146bfb431801cf
tree ee6d93a8059bb7b53110d3f7b0d9d4d6a35589c1 /proposals/269-hybrid-handshake.txt
parent 5d428fe9b889ea43f71aa0d5c9673de37d1ca7f0
prop269: Removed hash of initial XTR salt
Diffstat (limited to 'proposals/269-hybrid-handshake.txt')
-rw-r--r-- proposals/269-hybrid-handshake.txt 10
1 files changed, 5 insertions, 5 deletions
diff --git a/proposals/269-hybrid-handshake.txt b/proposals/269-hybrid-handshake.txt
index 76b32c0..eb35180 100644
--- a/proposals/269-hybrid-handshake.txt
+++ b/proposals/269-hybrid-handshake.txt
@@ -168,7 +168,7 @@ Status: Draft
s2, C := KEM_ENC(EPK)
The server extracts the seed:
- SALT := H(ID | A | X | EPK)
+ SALT := ID | A | X | EPK
secret := s0 | s1 | s2
seed := EXTRACT(SALT, secret)
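Review bot: the new `SALT := ID | A | X | EPK` line makes the salt a raw concatenation whose length follows EPK, and nothing in this hunk says what salt lengths EXTRACT(SALT, secret) must accept. Please state next to this step that EXTRACT takes an arbitrary-length salt, and give the lengths of ID, A and X so the concatenation parses unambiguously with EPK last. If EXTRACT is HMAC-based, a salt longer than the hash block size is hashed down internally anyway, which would justify dropping H, but that reasoning belongs in the proposal text or the commit message, which currently only says the hash was removed.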
@@ -190,7 +190,7 @@ Status: Draft
s2 := KEM_DEC(C, esk)
The client then derives the seed:
- SALT := H(ID | A | X | EPK)
+ SALT := ID | A | X | EPK
secret := s0 | s1 | s2
seed := EXTRACT(SALT, secret);
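Review bot: the context line `seed := EXTRACT(SALT, secret);` on the client side ends in a semicolon, while the matching server-side line is written `seed := EXTRACT(SALT, secret)` without one. Since the adjacent SALT line is being touched here, drop the stray semicolon in the same change so the client and server derivations read identically.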
@@ -225,7 +225,7 @@ Status: Draft
| s0 := H(DH_MUL(X,a)) |
| s1 := DH_MUL(X,y) |
| s2, C := KEM_ENC(EPK) |
- | SALT := H(ID | A | X | EPK) |
+ | SALT := ID | A | X | EPK |
| secret := s0 | s1 | s2 |
| seed := EXTRACT(SALT, secret) |
| verify := EXPAND(seed, T_AUTH, MU) |
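Review bot: in the diagram row `| SALT := ID | A | X | EPK |` the concatenation bars now run straight into the box borders, because the H( ) wrapper that used to bracket the expression is gone (the `secret` row already has the same problem). Re-pad the row so its right border stays in the same column as the neighbouring rows, and consider a one-line legend stating that `|` inside the box means concatenation. The same applies to the client-side box in the next hunk.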
@@ -239,7 +239,7 @@ Status: Draft
| s0 := H(DH_MUL(A,x)) |
| s1 := DH_MUL(Y,x) |
| s2 := KEM_DEC(C, esk) |
- | SALT := H(ID | A | X | EPK) |
+ | SALT := ID | A | X | EPK |
| secret := s0 | s1 | s2 |
| seed := EXTRACT(SALT, secret) |
| verify := EXPAND(seed, T_AUTH, MU) |
@@ -279,7 +279,7 @@ Status: Draft
key := EXPAND(seed, M_EXPAND, KEY_LEN)
In hybrid-null the server computes
- SALT := H(ID | A | X)
+ SALT := ID | A | X
secret_input := H(EXP(X,a)) | EXP(X,y)
seed := EXTRACT(SALT, secret_input)
verify := EXPAND(seed, T_AUTH, MU)
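Review bot: the hybrid-null block around `SALT := ID | A | X` uses `secret_input` and `EXP(X,a)` / `EXP(X,y)`, while the other hunks in this patch write `secret` and `DH_MUL(X,a)` / `DH_MUL(X,y)` for the same steps. While editing this block, align the names with the rest of the proposal, or add a sentence saying they are the same quantities, so a reader comparing the hybrid-null derivation with the full one is not left guessing. It would also help to note here that the salt omits EPK on purpose.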