tillitis / tkey-verification

Vendor signing and user verification of TKey genuineness
https://www.tillitis.se
GNU General Public License v2.0

Method to verify that a device is a genuine Tillitis TKey #1

Closed: mchack-work closed 1 year ago

mchack-work commented 1 year ago

Goal: Let a user verify that the TKey is a genuine Tillitis.

We need new provisioning and verification software, mostly (only?) on the host side, possibly the same program with different arguments.

Provisioning:

Verification by user:

Software needs:

mchack-work commented 1 year ago

We start with generating signatures and storing them in a file named as the hash. Figure out where to actually store them later.

secworks commented 1 year ago

Or store with the UDI as the name. UDI-file that contains the hash, tag and signature.

quite commented 1 year ago

I think we wanted to use the key (file) named after the hash H to store the signature S. If only because H realistically can't be enumerated.

secworks commented 1 year ago

I think we want to use the UID to allow users to easily look up the hash. It is a public ledger. Anybody could download the hashes for all IDs. We can do, should do, a threat analysis. But to me, using the UDI in this instance does not really leak any info about a user, or bind a user to a specific device.

What is the benefit of not being able to do enumeration in this case?

quite commented 1 year ago

I'm closing this as done. Let's open new issues for anything arising when deploying the current implementation.