o Cookie (16 bytes) - Cookie that randomize this payload so
that each of the party cannot determine the payload before
- hand.
+ hand. This field MUST be present.
o Version String Length (2 bytes) - The length of the Version
String field, not including any other field.
the sender of this payload. Initiator sets this when sending
the payload and responder sets this when it replies by sending
this payload. See [SILC1] for definition of the version
- string format.
+ string format. This field MUST be present and include valid
+ version string.
o Key Exchange Grp Length (2 bytes) - The length of the
key exchange group list, not including any other field.
o Key Exchange Group (variable length) - The list of
key exchange groups. See the section 2.4 SILC Key Exchange
- Groups for definitions of these groups.
+ Groups for definitions of these groups. This field MUST
+ be present.
o PKCS Alg Length (2 bytes) - The length of the PKCS algorithms
list, not including any other field.
o PKCS Algorithms (variable length) - The list of PKCS
- algorithms.
+ algorithms. This field MUST be present.
o Encryption Alg Length (2 bytes) - The length of the encryption
algorithms list, not including any other field.
o Encryption Algorithms (variable length) - The list of
- encryption algorithms.
+ encryption algorithms. This field MUST be present.
o Hash Alg Length (2 bytes) - The length of the Hash algorithm
list, not including any other field.
o Hash Algorithms (variable length) - The list of Hash
algorithms. The hash algorithms are mainly used in the
- SKE protocol.
+ SKE protocol. This field MUST be present.
o HMAC Length (2 bytes) - The length of the HMAC list, not
including any other field.
o HMACs (variable length) - The list of HMACs. The HMAC's
are used to compute the Message Authentication Codes (MAC)
- of the SILC packets.
+ of the SILC packets. This field MUST be present.
o Compression Alg Length (2 bytes) - The length of the
compression algorithms list, not including any other field.
o Compression Algorithms (variable length) - The list of
- compression algorithms.
+ compression algorithms. This field MAY be omitted.
.in 3
be closed immediately.
o Public Key (or certificate) (variable length) - The
- public key or certificate. The public key or certificate
- in this field is encoded in the manner as defined in their
- respective definitions; see previous field.
+ public key or certificate of the party. This public key
+ is used to verify the digital signature. The public key
+ or certificate in this field is encoded in the manner as
+ defined in their respective definitions; see previous field.
o Public Data Length (2 bytes) - The length of the Public Data
field, not including any other field.
o Public Data (variable length) - The public data to be
- sent to the receiver. See section 2.2 Key Exchange
- Procedure for detailed description how this field is
- computed. This value is binary encoded.
+ sent to the receiver (Diffie-Hellman public values). See
+ section 2.2 Key Exchange Procedure for detailed description
+ how this field is computed. This value is binary encoded.
o Signature Length (2 bytes) - The length of the signature,
not including any other field.
If the Mutual Authentication flag is set then initiator
MUST also produce signature data SIGN_i which the responder
will verify. The initiator MUST compute a hash value
- HASH_i = hash(Key Exchange Start Payload | public key
- (or certificate) | e). It then signs the HASH_i value with
- its private key resulting a signature SIGN_i.
+ HASH_i = hash(Initiator's Key Exchange Start Payload |
+ public key (or certificate) | e). It then signs the HASH_i
+ value with its private key resulting a signature SIGN_i.
2. Responder generates a random number y, where 1 < y < q,
and computes f = g ^ y mod p. It then computes the
shared secret KEY = e ^ y mod p, and, a hash value
- HASH = hash(Key Exchange Start Payload data | public
- key (or certificate) | Initiator's public key (or
- certificate) | e | f | KEY). It then signs
+ HASH = hash(Initiator's Key Exchange Start Payload |
+ public key (or certificate) | Initiator's public key
+ (or certificate) | e | f | KEY). It then signs
the HASH value with its private key resulting a signature
SIGN.