1.3.3 Protocol Security

The protocol messages are encrypted and data integrity protected to prevent an attacker from reading or modifying these messages.

Prior to sending application requests to a relay server, a client first registers with the server. A 160-bit symmetric secret key shared only between the client and the server is established during the registration process. This key is thereafter used for protecting the confidentiality and integrity of the data in the protocol.

In the registration message, the client-generated shared key is encrypted using the encryption public key of the server. This message also contains an authenticator obtained by signing the digest of the message, using the client's signature private key.

The server, upon receiving such a registration message, decrypts the shared key using its encryption private key, and verifies the signature using the client's signature public key.

The server saves the shared key and returns a response indicating the success of the registration.

Once the shared key has been exchanged with the registration process, the client encrypts subsequent message payloads and integrity-protects them using Hash-based Message Authentication Code (HMAC). The server decrypts the message with the shared key and verifies the integrity before processing the message. Then the server prepares the response, encrypts and integrity-protects it with the shared key as well. Upon receiving such a response, the client decrypts and verifies with the shared key to get the response payload.

If the server does not recognize the client (hence the shared key has not been previously exchanged), the server returns a fault response message indicating that registration is required. The client then goes through the registration process to establish the shared key.