Language Selection

English French German Italian Portuguese Spanish

Nigori: Storing Secrets in the Cloud

Filed under
Software
Security

Nigori is a protocol for storing secrets in the cloud such that the storage need not be trusted and only a single password is required to access secrets.

Table of Contents

1. Introduction
    1.1. Requirements Language
    1.2. Notation
    1.3. Constants
2. Key and Salt Derivation
    2.1. Unassisted Password-based Key Derivation
    2.2. Assisted Password-based Key Derivation
3. Authentication
4. Storage of Secrets
5. Secret Storage at a Single Server
    5.1. Storage
    5.2. Retrieval
6. Secret Storage at Multiple Servers
7. Protocol Details
    7.1. Storage
    7.2. Retrieval
    7.3. Responses
8. Algorithms
    8.1. Shamir Secret Split
9. Examples
10. Pre-calculated values for mod_inverse(x, p)
11. Acknowledgements
12. IANA Considerations
13. Security Considerations
14. References
    14.1. Normative References
    14.2. Informative References
§ Author's Address

Located Here




More in Tux Machines

From the Editors: You’ve come a long way, Linux

This month, as we do every March, we reported on the Who Writes Linux report from the Linux Foundation. Usually, this is a fairly rote affair: Red Hat and Intel contribute tons of code, Greg Kroah-Hartman does a ton of the work, and we learn about some small firm somewhere that’s cranking out kernel code disproportionate to its size. Read more

SteamOS A Linux Distribution For Gaming


Picture

SteamOS is a Debian Linux kernel-based operating system in development by Valve Corporation designed to be the primary operating system for the Steam Machine game consoles. It was initially released on December 13, 2013, alongside the start of end-user beta testing of Steam Machines.
 

Read At LinuxAndUbuntu

KDE Applications 14.12.3 Officially Released

KDE Applications 14.12 has been released by its makers, and it’s a regular maintenance update. It comes with a ton of bug fixes and will be soon available in various repositories. Read more

Understanding The Linux Kernel's BPF In-Kernel Virtual Machine

BPF continues marching forward as a universal, in-kernel virtual machine for the Linux kernel. The Berkeley Packet Filter was originally designed for network packet filtering but has since been extended as eBPF to support other non-network subsystems via the bpf syscall. Here's some more details on this in-kernel virtual machine. Alexei Starovoitov presented at last month's Linux Foundation Collaboration Summit in Santa Rosa about BPF as an in-kernel virtual machine. The slides have been published for those wishing to learn more about its state and capabilities. Read more