Protecting BRC-69 Key Linkage Information in Transit
Ty Everett (ty@projectbabbage.com)
Abstract
This BRC outlines additional security measures for the protection and controlled revelation of key linkage information as defined in BRC-69. This standard describes an approach for encrypting this sensitive data during communication, according to BRC-2. The intent is to ensure that only approved parties are capable of decrypting and accessing this information, thereby maintaining privacy and security.
Motivation
Providers of key linkages, as defined in BRC-69, need a secure way to disclose this information to a particular verifier. The information, although intended for verification, is highly sensitive and could infringe on privacy and security if mishandled. Therefore, a standard way to protect and communicate it is required. This proposal allows provers to reveal linkage information intentionally and securely, minimizing the risk of breaches.
Specification
Counterparty Revelation Payload
A counterparty-revelation
payload emphasizes encryption using the BRC-2 standard. The protocol ID in this context is counterparty linkage revelation
with security level 2
. The key ID comprises the current timestamp and serves to indicate the precise moment when the prover revealed the linkage information to the verifier.
Encryption:
Compute the root ECDH shared secret between user's identity key and a specified counterparty's key as per BRC-69 (method 1).
The prover's BRC-43 encryption protocol is
counterparty linkage revelation
, with a security level of2
. The key ID is the current timestamps in ISO string format.Encrypt the computed shared secret using the verifier's public key with BRC-2.
Decryption:
An entity receives the encrypted linkage counterparty revelation payload.
The entity decrypts the payload by using their private key with the prover's public key and the protocol ID and key ID specified.
Payload Fields
Specific Revelation Payload
The specific-revelation
payload involves encrypting the linkage information using BRC-2. The protocol ID incorporates the base specific linkage revelation
, and incorporates the security level and protocol ID used within the specific linkage being revealed. The key ID equals the key ID of the disclosed specific linkage.
Encryption:
Compute the child key offset with respect to specific BRC-43 protocol ID, key ID, and specified counterparty using BRC-69 (method 2).
The prover's BRC-43 encryption protocol is
specific linkage revelation <s> <p>
, with a security level of2
, where<s>
is the security level of the specific linkage protocol and<p>
is its protocol ID. The key ID equals the key ID of the revealed specific linkage.Encrypt the computed key offset using the verifier's public key.
Decryption:
An entity receives the encrypted specific revelation payload.
The entity decrypts the payload by using their private key with the prover's public key and the protocol ID and key ID specified.
Payload Fields
Examples
Example Counterparty Revelation Payload:
Example Specific Revelation Payload:
In each of the two above examples, the verifier's private key is c1a97bde329903b2035a870955b570f9f795e372af8a3e0fee78534157a7af18
.
You should be able to successfully verify that the keys linked between the prover and the prover's counterparty are authentic.
Implementation
Entities implementing this standard should consider privacy and security as critical. When creating a revelation payload, it is crucial to use precise protocol IDs and key IDs that correspond to the linkage being revealed. The use of accurate timestamps as key IDs in counterparty revelations is vital to document the exact time of the revelation. Entities should design their systems to handle these payloads correctly, ensuring the decryption process is secure. They should also ensure received payloads are legitimate by verifying accurate key linkages. If it is necessary to store linkage information, it should always be stored in an encrypted manner, away from less sensitive data.
Last updated