doc.go (forked from Velocidex/velociraptor)
/*
This encryption scheme was originally used in the GRR communication
protocol.

It is designed for the following goals:

1. The protocol can be bootstrapped with no stored state: neither side
   needs to keep previous session keys (symmetric keys). If the session
   key for a packet is not known, it can always be recalculated from
   the packet itself.

2. Once the session key is derived, it may be cached. Caching the
   session key saves the endpoint from performing expensive RSA
   operations. This is purely an optimization.

3. The cipher object contains the session key as well as the HMAC
   key. The cipher proto is encrypted using the receiver's public key, so
   only the receiver may decrypt it.

4. To verify the authenticity of the cipher object, one must decrypt
   it, extract the session key and use that to decrypt the
   encrypted_cipher_metadata field. That field contains the RSA
   signature over the cipher object (made with the sender's private
   key). Note that since the cipher does not change throughout the
   session, neither does the encrypted_cipher_metadata, and so both can
   be cached: signature verification is not needed if the cipher blob
   was seen previously, because it was verified the first time it was
   seen and the cache entry is keyed on that exact blob.

5. Integrity of each packet's payload is assured through an HMAC. The
   HMAC key is constant throughout the session and it is specified in
   the cipher object. Note that we check the HMAC before anything else
   (in particular before decrypting the payload) to reject malformed
   packets early and save some cycles. On a cache miss the HMAC key
   comes from a cipher object whose signature has not yet been checked,
   so the HMAC check filters garbage and tampering; it is the signature
   in point 4 that authenticates the sender.
*/
package crypto
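The five goals above, as an added, runnable Go model with both sides of the exchange. This is illustration code, not Velociraptor's or GRR's implementation: the algorithm choices (RSA-OAEP for the cipher object, RSA-PSS for the signature, AES-256-GCM for the session cipher, HMAC-SHA256 for the packet MAC), the 64-byte cipher-object layout, the packet fields and every type and function name are assumptions made for this example, and the real wire format differs. It shows the receiver recovering the cipher object from the packet alone, checking the HMAC first, verifying the sender's signature before caching, and then skipping both RSA operations on a repeat of the same encrypted blob.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Added illustration, not Velociraptor or GRR code. The algorithms (RSA-OAEP,
// RSA-PSS, AES-256-GCM, HMAC-SHA256) and every name here are assumptions.

// sessionCipher is the "cipher object": 32-byte session key || 32-byte HMAC key.
type sessionCipher struct {
	HMACKey []byte
	aead    cipher.AEAD // AES-256-GCM under the session key
}

type packet struct {
	EncryptedCipher   []byte // cipher object, RSA-OAEP under the receiver's public key
	EncryptedMetadata []byte // sender's signature over EncryptedCipher, sealed under the session key
	Payload           []byte // plaintext sealed under the session key
	HMAC              []byte // HMAC-SHA256 under HMACKey over the three fields above
}

func genKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newSessionCipher(raw []byte) *sessionCipher { // raw must be 64 bytes
	block, _ := aes.NewCipher(raw[:32]) // a 32-byte key cannot fail
	aead, _ := cipher.NewGCM(block)     // GCM over AES cannot fail
	return &sessionCipher{HMACKey: raw[32:], aead: aead}
}

// seal and open use AES-GCM with the random nonce carried in front of the ciphertext.
func (c *sessionCipher) seal(pt []byte) []byte {
	nonce := make([]byte, c.aead.NonceSize())
	rand.Read(nonce) // crypto/rand.Read is documented never to fail (Go 1.24+)
	return c.aead.Seal(nonce, nonce, pt, nil)
}

func (c *sessionCipher) open(ct []byte) ([]byte, error) {
	n := c.aead.NonceSize()
	if len(ct) < n {
		return nil, errors.New("short ciphertext")
	}
	return c.aead.Open(nil, ct[:n], ct[n:], nil)
}

func (c *sessionCipher) mac(p *packet) []byte {
	m := hmac.New(sha256.New, c.HMACKey)
	for _, field := range [][]byte{p.EncryptedCipher, p.EncryptedMetadata, p.Payload} {
		m.Write(field)
	}
	return m.Sum(nil)
}

// sender builds the cipher object once; its encrypted form and signature are reused for every packet.
type sender struct {
	sc                 *sessionCipher
	encCipher, encMeta []byte
}

func newSender(senderPriv *rsa.PrivateKey, receiverPub *rsa.PublicKey) (*sender, error) {
	raw := make([]byte, 64)
	rand.Read(raw)
	encCipher, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, raw, nil)
	if err != nil {
		return nil, err
	}
	digest := sha256.Sum256(encCipher)
	sig, err := rsa.SignPSS(rand.Reader, senderPriv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return nil, err
	}
	sc := newSessionCipher(raw)
	return &sender{sc: sc, encCipher: encCipher, encMeta: sc.seal(sig)}, nil
}

func (s *sender) send(plaintext []byte) *packet {
	p := &packet{EncryptedCipher: s.encCipher, EncryptedMetadata: s.encMeta, Payload: s.sc.seal(plaintext)}
	p.HMAC = s.sc.mac(p)
	return p
}

// receiver caches only cipher objects whose signature verified, keyed on the exact encrypted blob.
type receiver struct {
	priv      *rsa.PrivateKey
	senderPub *rsa.PublicKey
	cache     map[string]*sessionCipher
	rsaOps    int // RSA operations performed so far; a cache hit adds none
}

func newReceiver(priv *rsa.PrivateKey, senderPub *rsa.PublicKey) *receiver {
	return &receiver{priv: priv, senderPub: senderPub, cache: map[string]*sessionCipher{}}
}

func (r *receiver) recv(p *packet) ([]byte, error) {
	sc, cached := r.cache[string(p.EncryptedCipher)]
	if !cached { // no stored state needed: recover the cipher object by RSA decryption
		r.rsaOps++
		raw, err := rsa.DecryptOAEP(sha256.New(), nil, r.priv, p.EncryptedCipher, nil)
		if err != nil || len(raw) != 64 {
			return nil, errors.New("bad cipher object")
		}
		sc = newSessionCipher(raw)
	}
	if !hmac.Equal(p.HMAC, sc.mac(p)) { // HMAC before anything else
		return nil, errors.New("hmac mismatch")
	}
	if !cached { // verify the sender's signature before trusting or caching the cipher object
		r.rsaOps++
		sig, err := sc.open(p.EncryptedMetadata)
		if err != nil {
			return nil, err
		}
		digest := sha256.Sum256(p.EncryptedCipher)
		if err = rsa.VerifyPSS(r.senderPub, crypto.SHA256, digest[:], sig, nil); err != nil {
			return nil, err
		}
		r.cache[string(p.EncryptedCipher)] = sc
	}
	return sc.open(p.Payload)
}

func main() {
	senderKey, _ := genKey()
	receiverKey, _ := genKey()
	s, _ := newSender(senderKey, &receiverKey.PublicKey)
	r := newReceiver(receiverKey, &senderKey.PublicKey)
	for _, msg := range []string{"first packet", "second packet"} { // the second is a cache hit
		pt, err := r.recv(s.send([]byte(msg)))
		fmt.Printf("%q err=%v rsaOps=%d\n", pt, err, r.rsaOps)
	}
}
```

The receiver counts RSA operations so the effect of goal 2 is visible: the first packet costs one OAEP decryption and one signature verification, the second costs none. The cache is written only after the signature has verified and is keyed on the exact encrypted blob, which is what makes skipping verification on a repeat safe; a cipher object signed with an unknown key passes the HMAC check (its HMAC key came from that same unverified object) but fails at the signature and is never cached.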