As the designer of this SSI environment, i shall design a did-method-hd-key to allow for stateless authentication of agents

[francis-pouatcha]

The purpose is to allow for state authentication of interaction between mobile agents and cloud agents.

A cloud agent can issue an hd public key to a consumer (mobile agent).

• The consumer must keep this public key secret.
• The consumer can derive a message sending key from the hd key to authenticate the deposition of a message that shall be forwarded to another agent. In this case, the cloud agent is the consumer's sender agent (see issue As the designer of this SSI environment, I would like each participant to route all outgoing messages through it's afilliated cloud agents #45)
• The consumer can derive a contact key, that will be given to another agent. Now this other agent can derive message delivery keys from the hd key to authenticate delivery when sending messages to their contact.

Generally for sending:

• Sender will user the contact key of the recipient to encrypt the message.
• Sender will use the recipient cloud agent's auth key to encrypt the message (ECDH) producing the first forward message
• Sender will then use his own cloud agent's auth sending key to wrap the message in the second forward message that will then be deposited to the proxy of the send.

Particularity of this approach:

• no DoS possibility, as each cloud agent only stores authenticated messages.
• As cloud agent still has to decrypt outer envelope, key derivation provides an authentication layer that allows service to reject malicious clients.

ToDo:

• rite a paper describing this approach
• implements a did-hd-key method with corresponding features.

[francis-pouatcha]

Event between cloud agents, IP based, pairwise authentication can help prevent flooding of the network with invalid packets. To realize this, a cloud agent can

1. register an ip address with the peer
2. then use the provided auth key to encrypt every message sent in subsequent messages.

[francis-pouatcha]

A key performance principle here is

• that with authenticated encryption, recipient will have to maintain a database of public key senders. But maintaining a database with all senders is deemed not scalable.
• providing each sender with a hd key is more promising, as recipient can just use the key derivation to perform authentication. Combining this with a database (list) of blocked senders looks more efficient.

[francis-pouatcha]

Some explanation on HD Key
https://github.com/WebOfTrustInfo/rwot1-sf/blob/master/topics-and-advance-readings/hierarchical-deterministic-keys--bip32-and-beyond.md