From d38138b69c2f46c0a1fdf6d5971cc2ae0a9447dd Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Thu, 21 Oct 2021 08:25:19 +0200 Subject: get rid of policy download signature, explain upload signature better --- doc/sphinx/cryptography.rst | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) (limited to 'doc/sphinx/cryptography.rst') diff --git a/doc/sphinx/cryptography.rst b/doc/sphinx/cryptography.rst index 6c25fc0..a38f6e7 100644 --- a/doc/sphinx/cryptography.rst +++ b/doc/sphinx/cryptography.rst @@ -233,7 +233,9 @@ Signatures ---------- The EdDSA keys are used to sign the data sent from the client to the -server. Everything the client sends to server is signed. The following +server. This signature ensures that an adversary that observes the upload is not +able to upload a new version of the policy without knowing the user's identity attributes. +The signature is made over a hash of the request body. The following algorithm is equivalent for **Anastasis-Policy-Signature**. .. code-block:: none @@ -248,21 +250,6 @@ algorithm is equivalent for **Anastasis-Policy-Signature**. **ver_res**: A boolean value. True: Signature verification passed, False: Signature verification failed. -When requesting policy downloads, the client must also provide a signature: - -.. code-block:: none - - (anastasis-account-signature) := eddsa_sign(version, eddsa_priv) - ver_res := eddsa_verifiy(version, anastasis-account-signature, eddsa_pub) - -**anastasis-account-signature**: Signature over the SHA-512 hash of the body using the purpose code ``TALER_SIGNATURE_ANASTASIS_POLICY_DOWNLOAD`` (1401) (see GNUnet EdDSA signature API for the use of purpose). - -**version**: The version requested as a 64-bit integer, 2^64-1 for the "latest version". - -**ver_res**: A boolean value. True: Signature verification passed, False: Signature verification failed. - - - Availability Considerations ^^^^^^^^^^^^^^^^^^^^^^^^^^^ -- cgit v1.2.3