Diffstat (limited to 'doc')
-rw-r--r-- doc/sphinx/cryptography.rst 5
1 files changed, 3 insertions, 2 deletions
diff --git a/doc/sphinx/cryptography.rst b/doc/sphinx/cryptography.rst
index 6e8c29b..406732a 100644
--- a/doc/sphinx/cryptography.rst
+++ b/doc/sphinx/cryptography.rst
@@ -199,7 +199,7 @@ individual **key share**, we use different salts ("erd" and "eks", respectively)
and the encrypted **core secret**.
**nonce0**: Nonce which is used to generate *key0* and *iv0* which are used for the encryption of the *recovery document*.
-Nonce must contain the string "ERD".
+This key derivation must be done using the salt "erd".
**optional data**: Key material that optionally is contributed from the authentication method to further obfuscate the key share from the escrow provider.
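Review bot: The added line "This key derivation must be done using the salt "erd"." has an unclear referent, because the preceding sentence describes two derived values (*key0* and *iv0*) and does not name a derivation step. Suggest wording it as "Both *key0* and *iv0* must be derived from *nonce0* using the salt "erd"." Since the removed line was the only stated constraint on the nonce's content, it would also help to say explicitly that *nonce0* no longer has a required format, so implementers of the old text do not keep embedding "ERD" in it.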
@@ -208,7 +208,8 @@ Here, **i** must be a positive number used to iterate over the various **key sha
at the various providers.
**nonce_i**: Nonce which is used to generate *key_i* and *iv_i* which are used for the encryption of the **key share**. **i** must be
-the same number as specified above for *encrypted_key_share_i*. Nonce must contain the string "EKS" plus the according *i*.
+the same number as specified above for *encrypted_key_share_i*.
+Key derivation must be done using the salt "eks".
As a special rule, when a **security question** is used to authorize access to an
**encrypted_key_share_i**, then the salt "eks" is replaced with an (expensive) hash
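Review bot: The removed sentence bound each nonce to its share through "plus the according *i*", and the added line "Key derivation must be done using the salt "eks"." drops the index without saying what now keeps *key_i* and *iv_i* distinct across shares. If that separation is meant to come from *nonce_i* alone, the text should state that *nonce_i* must be unique per key share. The unconditional "must" also conflicts with the special rule on the very next line, where the salt "eks" is replaced for security questions; consider "Unless the special rule below applies, key derivation must be done using the salt "eks"." The phrasing also differs from the first hunk ("This key derivation" versus "Key derivation"), so one form should be used for both.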