You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Document the need for serializing input passed to hash functions and other cryptographic primitives and create appropriate implementation issues. Encoding of inputs should be unambiguous. e.g., prepend lengths of concatenated inputs to Hash functions, as in Hash("5" || "Alice" || "6" || "Victor").
Harden spec & implementation against misuse of the import_key functionality. Imported keys have inherently different security properties than keys that are generated internally by Lock Keeper. The implementation should make it difficult to misuse, and the protocols should protect the key server against unknowingly viewing an externally generated key as as internally generated key.
Harden spec & implementation against misuse of keys generated locally by the client. Keys generated client-side have inherently different security properties than keys that are generated by the Lock Keeper key server. This becomes especially important with the introduction of keys with shared control, i.e., with a policy engine.
The text was updated successfully, but these errors were encountered:
Non-exhaustive list:
Hash("5" || "Alice" || "6" || "Victor").import_keyfunctionality. Imported keys have inherently different security properties than keys that are generated internally by Lock Keeper. The implementation should make it difficult to misuse, and the protocols should protect the key server against unknowingly viewing an externally generated key as as internally generated key.The text was updated successfully, but these errors were encountered: