Non-exhaustive list:
[ ] Document the need for serializing input passed to hash functions and other cryptographic primitives and create appropriate implementation issues. Encoding of inputs must be unambiguous, e.g., prepend the lengths of concatenated inputs to hash functions, as in Hash("5" || "Alice" || "6" || "Victor").
[ ] Harden spec & implementation against misuse of the `import_key` functionality. Imported keys have inherently different security properties than keys that are generated internally by Lock Keeper. The implementation should make it difficult to misuse, and the protocols should protect the key server against unknowingly treating an externally generated key as an internally generated key.
[ ] Harden spec & implementation against misuse of keys generated locally by the client. Keys generated client-side have inherently different security properties than keys that are generated by the Lock Keeper key server. This becomes especially important with the introduction of keys with shared control, i.e., with a policy engine.
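Added example (not Lock Keeper's own code) of the length-prefixed serialization sketched in the first item: it shows the collision that plain concatenation permits and encodes each length as a fixed-width 4-byte big-endian field rather than the decimal digits in the sketch, since a variable-width digit prefix is itself ambiguous. `LEN_BYTES`, the function names and the sample inputs are assumptions.

```python
import hashlib

LEN_BYTES = 4  # assumption: a fixed 4-byte big-endian length is enough per field


def naive_concat(parts: list[str]) -> bytes:
    """Ambiguous encoding: field boundaries are lost once joined."""
    return b"".join(p.encode("utf-8") for p in parts)


def length_prefixed(parts: list[str]) -> bytes:
    """Unambiguous encoding: every field is preceded by its byte length."""
    out = bytearray()
    for p in parts:
        data = p.encode("utf-8")
        if len(data) >= 1 << (8 * LEN_BYTES):
            raise ValueError("field too long for length prefix")
        out += len(data).to_bytes(LEN_BYTES, "big") + data
    return bytes(out)


def parse_length_prefixed(buf: bytes) -> list[str]:
    """Inverse of length_prefixed; rejects truncated input."""
    parts, pos = [], 0
    while pos < len(buf):
        if pos + LEN_BYTES > len(buf):
            raise ValueError("truncated length prefix")
        n = int.from_bytes(buf[pos:pos + LEN_BYTES], "big")
        pos += LEN_BYTES
        if pos + n > len(buf):
            raise ValueError("truncated field")
        parts.append(buf[pos:pos + n].decode("utf-8"))
        pos += n
    return parts


def hash_naive(parts: list[str]) -> str:
    return hashlib.sha256(naive_concat(parts)).hexdigest()


def hash_prefixed(parts: list[str]) -> str:
    return hashlib.sha256(length_prefixed(parts)).hexdigest()


if __name__ == "__main__":
    # Constructed inputs: two different tuples with the same concatenation.
    a, b = ["Alice", "Victor"], ["Alic", "eVictor"]
    print(hash_naive(a) == hash_naive(b))        # True: plain concatenation collides
    print(hash_prefixed(a) == hash_prefixed(b))  # False: boundaries are part of the input
```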