Submitted by Giulio Cesare on 22 April, 2008 - 08:07.
The passphrase is used to derive three values:
the ‘C’ value of the SRP protocol (aka: username)
the ‘P’ value of the SRP protocol (aka: password)
the ‘key’ to decrypt the index card, where all the other card keys are stored.
These values are computed using the following expressions:
C = sha256(sha256(concat(username, passphrase)));
P = sha256(sha256(concat(passphrase, username)));
key = sha256(sha256(passphrase));
C and P are later used to perform the SRP authentication protocol, while key is used to encrypting/decrypt the index card using AES256 in CTR mode, with a different salt each time.
Re: Keys
The passphrase is used to derive three values:
These values are computed using the following expressions:
C and P are later used to perform the SRP authentication protocol, while key is used to encrypting/decrypt the index card using AES256 in CTR mode, with a different salt each time.
Hope this helps.