Language Selection

English French German Italian Portuguese Spanish

Nigori: Storing Secrets in the Cloud

Filed under
Software
Security

Nigori is a protocol for storing secrets in the cloud such that the storage need not be trusted and only a single password is required to access secrets.

Table of Contents

1. Introduction
    1.1. Requirements Language
    1.2. Notation
    1.3. Constants
2. Key and Salt Derivation
    2.1. Unassisted Password-based Key Derivation
    2.2. Assisted Password-based Key Derivation
3. Authentication
4. Storage of Secrets
5. Secret Storage at a Single Server
    5.1. Storage
    5.2. Retrieval
6. Secret Storage at Multiple Servers
7. Protocol Details
    7.1. Storage
    7.2. Retrieval
    7.3. Responses
8. Algorithms
    8.1. Shamir Secret Split
9. Examples
10. Pre-calculated values for mod_inverse(x, p)
11. Acknowledgements
12. IANA Considerations
13. Security Considerations
14. References
    14.1. Normative References
    14.2. Informative References
§ Author's Address

Located Here




More in Tux Machines

Leftovers: Gaming

Android Leftovers

  • OnePlus Will Reveal Details Of Its ‘Oxygen’ Android ROM On February 12
    OnePlus introduced its own version of Android for its One smartphone earlier this month in response to its standoff with Cyanogen, and now the company has revealed that it will unveil its own ROM which can be installed on third-party Android devices on February 12. Correction: OnePlus tells us that, in fact, it won’t launch the ROM on the 12th. This is a tease-of-a-tease, and instead we can expect to see “more information about the ROM” not an actual download for third-party Android devices.
  • Android is suddenly surrounded by enemies
    Cyanogen is one of these forks. It has just raised $70 million from a number of investors including Microsoft to continue producing its own version of Android that it can position as a direct competitor to Google's.
  • Working New Android 5 Lollipop Features into Your Apps
  • Major Blackphone Security Flaw Discovered
    You might want to think twice before sending that sensitive text message over your supposedly secure Blackphone. A security flaw discovered by an Australian communication security expert could have allowed attackers to decrypt a Blackphone user’s messages, gather location information, and run additional code of the attacker’s choosing.
  • World’s most ‘NSA-proof’ phone vulnerable to simple SMS hack
    A smartphone marketed as the most anti-surveillance, NSA-proof personal device – the BlackPhone – has been found vulnerable to a simple SMS attack that allows the hacker to steal contacts, decrypt messages, and even take full control of the device.