Desired characteristics of derived keys

[jans23]

Relates to #15.

Questions

• Do we want to prevent device tracking?
• Do we want to use per-origin keys usually? -> Prefer key_handle to prevent collision.
• Do we want to use cross-orign keys usually? -> Prefer key_index for easier usage.

key_index (e.g. 1 byte)

• Is easier to use

key_handle (e.g. 32 byte)

• Is a kind of access token, which prevents device/user tracking (privacy issue)
• Needs to be provided (copied) by user for each service to use the key.

Unless decided, the device could use a key handle between 1 and 32 byte, which covers both options above.

[jans23]

@onlykey what do you think?

[szszszsz]

This would provide an opportunity to implement a 'hidden key' (similar to 'hidden volume' in 'encrypted volume') by providing the key handle by the user in a form of passphrase, and calculating the PBKDF2 of it (resulting of the 32-bytes key_handle).