You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
These are the changes as implemented in the above issue:
MasterKey is derived from the opaque export key using "OPAQUE-derived Lock Keeper master key" as the domain separation string.
ExportKey should not be used for anything else, but to derive MasterKey. MasterKey gets derived immediately after ExportKey is known, after which ExportKey is discarded and MasterKey is cached within the Session.
MasterKey should not be used directly to encrypt anything, but specific domain separated keys should be derived.
To encrypt the StorageKey, a key is derived from MasterKey using the user ID + the domain separator "storage key"
The text was updated successfully, but these errors were encountered:
TBD, see also: https://github.com/boltlabs-inc/key-mgmt/issues/356
These are the changes as implemented in the above issue:
The text was updated successfully, but these errors were encountered: