Remove 'since_last_dh' from other parts of the protocol'

979b5cdf · Sofia Celi · 41be5476 · 979b5cdf · 979b5cdf
Unverified Commit 979b5cdf authored Jun 02, 2019 by Sofia Celi ⛸
--- a/architecture-decisions/005-brace-keys.md
+++ b/architecture-decisions/005-brace-keys.md
@@ -183,11 +183,10 @@ A new DH ratchet happens every time you:
 2. When you receive a data message that advertises a new ECDH public key from
   the other party.

-The state variable `since_last_dh` exists to keep track of the last time a DH
-key was generated. It is increased every time a DH ratchet happens and set to
-zero when the DH keys are generated.
+The state variable `i` exists to keep track of the last time a DH key was
+generated. It is increased every time a DH ratchet happens.

-If `since_last_dh ==  3`
+If `i %  3 == 0`

  * Compute the new brace key from a DH computation e.g.
    `brace_key_i = KDF(usage_third_brace_key || DH(our_DH.secret, their_DH.public), 32)`.
@@ -207,7 +206,7 @@ the DH public key in case they arrive in an out-of-order way or they are dropped

 **Alice or Bob receive the first message in a ratchet**

-If `since_last_dh ==  3`:
+If `i %  3 == 0`:

   * Check that a new DH public key is attached to the message.


--- a/modes/otrv4-standalone-mode.md
+++ b/modes/otrv4-standalone-mode.md
@@ -159,7 +159,6 @@ Alice will be initiating the DAKE with Bob.
    * Calculates the SSID from shared secret: the first 8 bytes of
      `HWC(usage_SSID || K, 64)`.
 1. Initializes the double-ratchet:
-    * Sets `since_last_dh` as 0.
    * Sets `i`, `j`, `k` `pn` as 0.
    * Sets `max_remote_i_seen` as -1.
    * Interprets `K` as the first root key (`prev_root_key`) by:
@@ -191,7 +190,6 @@ Alice will be initiating the DAKE with Bob.
      * Derives new set of keys:
        `curr_root_key, chain_key_s[j] = derive_ratchet_keys(sending, prev_root_key, K)`.
      * Securely deletes the previous root key (`prev_root_key`) and `K`.
-      * Increments `since_last_dh = since_last_dh + 1`.
      * Increments `i = i + 1`.
 1. Sends Bob the Auth-I message (see [Auth-I message](#auth-i-message)
   section).
@@ -217,7 +215,6 @@ Alice will be initiating the DAKE with Bob.
     [Auth-I Message](../otrv4.md#auth-i-message) section. If the verification
     fails, rejects the message and does not send anything further.
 1. Initializes the double-ratchet algorithm:
-   * Sets `since_last_dh` as 0.
   * Sets `i`, `j`, `k` and `pn` as 0.
   * Sets `max_remote_i_seen` as -1.
   * Interprets `K` as the first root key (`prev_root_key`) by: