3.10 Algorithms ............................................... 20
3.10.1 Ciphers ............................................ 20
3.10.2 Public Key Algorithms .............................. 21
- 3.10.3 MAC Algorithms ..................................... 21
- 3.10.4 Compression Algorithms ............................. 22
+ 3.10.3 Hash Functions ..................................... XXX
+ 3.10.4 MAC Algorithms ..................................... XXX
+ 3.10.5 Compression Algorithms ............................. XXX
3.11 SILC Public Key .......................................... 22
3.12 SILC Version Detection ................................... 24
4 SILC Procedures ............................................... 25
It is expected that some of the commands may be miss-used by clients
resulting various problems on the server side. Every implementation
should assure that commands may not be executed more than once, say,
-in two (2) seconds. This should be sufficient to prevent the miss-use
-of commands.
+in two (2) seconds. However, to keep response rate up, allowing for
+example five (5) commands before limiting is allowed. It is recommended
+that commands such as SILC_COMMAND_NICK, SILC_COMMAND_JOIN and
+SILC_COMMAND_LEAVE should be limited in all cases as they require
+heavy operations. This should be sufficient to prevent the miss-use of
+commands.
SILC commands are described in section 5 SILC Commands.
If the authentication method is password based, the Authentication
Data field includes the plaintext password. It is safe to send
-plaintext password since the entire payload is encrypted.
+plaintext password since the entire payload is encrypted. In this
+case the Public Data Lenght is set to zero (0).
If the authentication method is public key based (or certificate)
the Authentication Data is computed as follows:
.ti 0
-3.10.3 MAC Algorithms
+3.10.3 Hash Functions
+
+Hash functions are used as part of MAC algorithms defined in the next
+section. They are also used in the SILC Key Exchange protocol defined
+in the [SILC3].
+
+Following Hash algorithm are defined in SILC protocol:
+
+sha1 SHA-1, length = 20 (mandatory)
+md5 MD5, length = 16 (optional)
+
+
+.ti 0
+3.10.4 MAC Algorithms
Data integrity is protected by computing a message authentication code
(MAC) of the packet data. See [SILC2] for details how to compute the
Following MAC algorithms are defined in SILC protocol:
.in 6
-hmac-sha1 HMAC-SHA1, length = 20 (mandatory)
+hmac-sha1-96 HMAC-SHA1, length = 12 (mandatory)
+hmac-md5-96 HMAC-MD5, length = 12 (optional)
+hmac-sha1 HMAC-SHA1, length = 20 (optional)
hmac-md5 HMAC-MD5, length = 16 (optional)
none No MAC (optional)
.in 3
.ti 0
-3.10.4 Compression Algorithms
+3.10.5 Compression Algorithms
SILC protocol supports compression that may be applied to unencrypted
data. It is recommended to use compression on slow links as it may
network. This is done by broadcasting the SILC_NOTIFY_TYPE_JOIN notify
type to the router's primary route.
-After joining the client to the channel server or router must send
-command reply packet for SILC_COMMAND_USERS command. This way the
-client gets the list of users on the channel. If the router joined
-the client to the channel then the router sends this command reply
-to the server which must send it further to the original client.
-
It is important to note that new channel key is created always when
new client joins to channel, whether the channel has existed previously
or not. This way the new client on the channel is not able to decrypt
how channel messages must be encrypted and decrypted when router is
processing them.
+When client receives the SILC_PACKET_CHANNEL_KEY packet with the
+Channel Key Payload it must process the key data to create encryption
+and decryption key, and to create the HMAC key that is used to compute
+the MACs of the channel messages. The processing is as follows:
+
+ channel_key = raw key data
+ HMAC key = hash(raw key data)
+
+The raw key data is the key data received in the Channel Key Payload.
+The hash() function is the hash function used in the HMAC of the channel.
+
.ti 0
4.5 Private Message Sending and Reception
SILC_PACKET_PRIVATE_MESSAGE_KEY which travels through the network
and is secured by session keys. After that the private message key
is used in the private message communication between those clients.
-See more information about how this works technically in [SILC2].
Other choice is to entirely use keys that are not sent through
the SILC network at all. This significantly adds security. This key
would be pre-shared-key that is known by both of the clients. Both
agree about using the key and starts sending packets that indicate
-that the private message is secured using private message key. This
-is the technical aspect mentioned previously that is described
-in [SILC2].
-
-If the private message keys are not set to be used, which is the
-case by default in SILC, the private messages are secured by using
-normal session keys established by SILC Key Exchange protocol.
-
+that the private message is secured using private message key.
+The key material used as private message key is implementation issue.
+However, SILC_PACKET_KEY_AGREEMENT packet may be used to negotiate
+the key material. If the key is normal pre-shared-key or randomly
+generated key, and the SILC_PACKET_KEY_AGREEMENT was not used, then
+the key material should be processed as defined in the [SILC3]. In
+the processing, however, the HASH, as defined in [SILC3] must be
+ignored. After processing the key material it is employed as defined
+in [SILC3], however, the HMAC key material must be discarded.
+If the key is pre-shared-key or randomly generated the implementations
+should use the SILC protocol's mandatory cipher as the cipher. If the
+SKE was used to negotiate key material the cipher was negotiated as well.
.ti 0
4.7 Channel Message Sending and Reception
Reply messages to the command:
- Max Arguments: 3
- Arguments: (1) <Status Payload> (2) <nickname>[@<server>]
- (3) <username@host>
+ Max Arguments: 5
+ Arguments: (1) <Status Payload> (2) <Client ID>
+ (3) <nickname>[@<server>] (4) <username@host>
+ (5) [<real name>]
This command may reply with several command reply messages to form
a list of results. In this case the status payload will include
14 SILC_COMMAND_JOIN
- Max Arguments: 4
+ Max Arguments: 5
Arguments: (1) <channel> (2) <Client ID>
(3) [<passphrase>] (4) [<cipher>]
+ (5) [<hmac>]
Join to channel/create new channel. This command is used to
join to a channel. If the channel does not exist the channel is
requested by sending the name of the requested <cipher>. This
is used only if the channel does not exist and is created. If
the channel already exists the cipher set previously for the
- channel will be used to secure the traffic.
+ channel will be used to secure the traffic. The computed MACs
+ of the channel message are produced by the default HMAC or by
+ the <hmac> provided for the command.
The server must check whether the user is allowed to join to
the requested channel. Various modes set to the channel affect
Reply messages to the command:
- Max Arguments: 9
- Arguments: (1) <Status Payload> (2) <channel>
- (3) <Channel ID> (4) <channel mode mask>
- (5) <created> (6) <Channel Key Payload>
- (7) [<ban mask>] (8) [<invite list>]
- (9) [<topic>]
+ Max Arguments: 14
+ Arguments: (1) <Status Payload> (2) <channel>
+ (3) <Channel ID> (4) <Client ID>
+ (5) <channel mode mask> (6) <created>
+ (7) <Channel Key Payload> (8) [<ban mask>]
+ (9) [<invite list>] (10) [<topic>]
+ (11) [<hmac>] (12) <list count>
+ (13) <Client ID list> (14) <client mode list>
This command replies with the channel name requested by the
client, channel ID of the channel and topic of the channel
- if it exists. It also replies with the channel mode mask
+ if it exists. The <Client ID> is the Client ID which was joined
+ to the channel. It also replies with the channel mode mask
which tells all the modes set on the channel. If the
channel is created the mode mask is zero (0). If ban mask
and/or invite list is set they are sent as well.
+ The <list count>, <Client ID list> and <client mode list> are
+ the clients curerntly on the channel and their modes on the
+ channel.
+
Client receives the channel key in the reply message as well
inside <Channel Key Payload>.
17 SILC_COMMAND_CMODE
- Max Arguments: 7
+ Max Arguments: 8
Arguments: (1) <Channel ID> (2) <channel mode mask>
(3) [<user limit>] (4) [<passphrase>]
(5) [<ban mask>] (6) [<invite list>]
- (7) [<cipher>[:<key len>]]
+ (7) [<cipher>] (8) [<hmac>]
This command is used by client to set or change channel flags on
a channel. Channel has several modes that set various properties
Sets specific cipher to be used to protect channel
traffic. The <cipher> argument is the requested cipher.
When set or unset the server must re-generate new
- channel key. If <key len> argument is specified with
- <cipher> argument the new key is generated of <key len>
- length in bits. Only channel founder may set the cipher of
+ channel key. Only channel founder may set the cipher of
the channel. When unset the new key is generated using
default cipher for the channel.
to set/unset this mode.
+ 0x0400 SILC_CMODE_HMAC
+
+ Sets specific hmac to be used to compute the MACs of the
+ channel message. The <hmac> argument is the requested hmac.
+ Only channel founder may set the hmac of the channel.
+
+ Typical implementation would use [+|-]h on user interface
+ to set/unset this mode.
+
+
To make the mode system work, client must keep the channel mode
mask locally so that the mode setting and unsetting would work
without problems. The client receives the initial channel mode
projects / silc.git / blobdiff