Overview

GordianKnot can be personalised to ensure differing securitySpaces. The personalisation is achieved via a SecurityPhrase which is processed via a set of digests to produce two 512-bit arrays (I and IV) which are then utilised in the various algorithms.

I is often split into 16 integers written as I1 through I16. Similarly IV is often split into 4 128-bit arrays written as IV1 through IV4

Sample

                /* Access factory using security phrase */
                final char[] mySecurityPhrase = ...
                final GordianFactory myBaseFactory = GordianGenerator.createFactory(mySecurityPhrase);

Generation

The personalisation algorithm is as follows.

  1. Initialise I and IV to all zeroes
  2. Create an array of all available digests that have an output length of 512-bits.
  3. Initialise all digests with a constant value followed by the security phrase
  4. Finish all digests, creating an array R of the hashResults and xor each of these hashes into I
  5. Loop for 2K iterations.
    1. Update each digest with ALL the elements of R
    2. Finish each digest, updating its hash in R and xor-ing into I
  6. Repeat above loop for 2K iterations, xor-ing results into IV instead of I.
    1. Update each digest with ALL the elements of R
    2. Finish each digest, updating its hash in R and xor-ing into I

Seeded Random

Several algorithms in GordianKnot require selection of various algorithms in a deterministic fashion based on a 4-byte seed S. This is performed by creating a 6-byte seed from the combination of the 4-byte seed and one of the In values, specific to the algorithm. This 6-byte seed in used to instantiate an instance of the deterministic Random class and algorithm selection is performed via this seeded Random instance.

Key Derivation

The key derivation algorithm that generates a key KA for an algorithm A from a secret S and vector V is as follows.

  1. Obtain a seed X from the first 4 bytes of V and obtain a seeded random R using X and I1
  2. Obtain a set of two distinct HMACs HM and HA from the seededRandom R
  3. Initialise both HMac with a key of secret S
  4. Repeat the following loop until sufficient bits have been generated. Start with C = 0
    1. Initialise result to all zeros
    2. Update both Macs with I and IV
    3. Update both Macs with A, keyLength and C
    4. Set input DM and DA to V
    5. Loop for 16 iterations.
      1. Update HA with DA
      2. Calculate DA as the hash result of HA
      3. Update HM with DM and with DA
      4. Calculate DM as the hash result of HM
      5. Xor DM into the result
    6. Increment C and repeat if necessary.