SDMP: Secure Distributed Messaging Protocol

The SDMP uses industry-standard cryptographic techniques to keep the network traffic secure, to strongly encrypt messages, and to verify users and nodes identities.

Keys

Where the phrase public key, private key, key pair, or RSA key pair is used, it is meant that section or set of an asymmetric RSA key pair.

The bit length of the RSA key must be at least 2048 bits.

Hashing

Where the phrase hash or digest is used, it is meant the SHA-512 hashing algorithm as specified in FIPS PUB 180-2.

Where a string representation of a hash is used or specified, it is meant the output of the SHA-512 hashing algorithm, whose octets are unpadded base64url encoded.

The hashing of keys is done by hashing the string value of the identity.key property of the identity resource.

Key fingerprint

Where the phrase key fingerprint is used, it is meant the key hash of the public key, encoded to base64url.

Key hashing

Where the phrase key hash is used, it is meant the generated from the UTF-8 encoded identity.key property of the identity resource.

E.g., for this example public key:

The property of identity.key would be:

And the hash (encoded to base64url) would be:

B_3ji9cDp1SJTyPnxuslQ66IT3zwEf4TvTEnGo60_2KGANVfhRY0XA2crFKIfq6edYcexkMYzfz6y3UsPZZLtw

AES encryption

Where the phrase session key or token key is used, it is meant an AES compatible key. Encryption must use the AES-CBC algorithm.

The bit length of the session key must be 256 bits.

Padding

When padding is specified, it is meant that the data must be padded with null bytes. This is also often referred to as zero-byte padding. That is, the hexadecimal encoded value of the bytes is simply 00.

Padding Length

When padding an encrypted object, it must be padded to the nearest 8192 bytes.

`SDMP`

↳ specification

↳ version 0.12

↳ core

Cryptography