[Standards] Encrypted Storage (Was: off-server archives with MAM)

Kim Alvefur zash at zash.se
Sat Apr 18 10:40:06 UTC 2015

On 2015-04-18 11:59, Thijs Alkemade wrote:
> What do you mean with “SASL state”? All of the data the server has after a
> SCRAM-SHA-1 exchange is either a) stored on the server, b) session specific.
> You can’t derive a key from that which the server could not derive on its own.

During SCRAM, the client sends data that is used to reconstruct the
ClientKey value.  H(ClientKey) then compared to StoredKey, and the
result is the result of the authentication attempt.

So the ClientKey could be used to open an encrypted storage backend¹.
Either directly or deriving another key from it (like SCRAM does using
HMAC in a few places).

If you use this ClientKey-based secret to encrypt the private part of an
asymetric key, you could use that to unlock MAM storage and use the
public key to append to it.

¹ FWIW, I experimented with using a ClientKey-derived secret feed to
encfs for storage.  Turned out to not be very useful for things other
than Private XML Storage, as the server often needs access to most other
data even when the user is offline.

Kim "Zash" Alvefur

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://mail.jabber.org/pipermail/standards/attachments/20150418/93d33812/attachment.sig>

More information about the Standards mailing list