keejef
/
session-ios
mirror of https://github.com/oxen-io/session-ios
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
dev
voice-calls-2
voice-calls
authentication
2.5.0
2.4.5
2.4.4
2.4.3
2.4.2
2.4.1
2.4.0
2.3.2
2.3.1
2.3.0
2.2.14
2.2.13
2.2.12
2.2.11
2.2.10
2.2.9
2.2.6
2.2.4
2.2.2
2.2.1
2.2.0
2.1.1
2.0.3
2.0.2
2.0.1
2.0.0
1.0.0-alpha.1
audit-2
audit
2.8.0
2.7.4
2.7.3
2.7.2
2.7.1
2.7.0
2.6.3
2.6.2
2.6.1
2.6.0
2.2.8
2.2.7
2.2.5
2.2.3
2.1.0
1.9.7
1.9.6
1.9.5
1.9.4
1.9.3
1.9.1
1.9.0
1.8.3
1.8.2
1.8.1
1.8.0
1.7.8
1.7.7
1.7.6
1.7.5
1.7.4
1.7.3
1.7.2
1.7.0
1.6.5
1.6.4
1.6.3
1.6.2
1.6.1
1.6.0
1.5.3
1.5.2
1.5.1-beta
1.5.0-beta
1.5.0
1.4.7
1.4.6
1.4.5
1.4.4
1.4.3
1.4.2
1.4.0-beta
1.4.0
1.3.0-alpha.1
1.3.0
1.2.6
1.2.5
1.2.4
1.2.3
1.2.1
1.2.0-alpha.2
1.2.0-alpha.1
1.2.0
1.13.0
1.12.9
1.12.8
1.12.7
1.12.6
1.12.5
1.12.4
1.12.2
1.12.1
1.11.9
1.11.8
1.11.7
1.11.6
1.11.5
1.11.4
1.11.3
1.11.24
1.11.23
1.11.22
1.11.21
1.11.20
1.11.2
1.11.19
1.11.18
1.11.17
1.11.16
1.11.15
1.11.14
1.11.13
1.11.12
1.11.11
1.11.10
1.11.1
1.11.0
1.10.2
1.10.1
1.10.0
1.1.0-alpha.4
1.1.0-alpha.3
1.1.0-alpha.2
1.1.0-alpha.1
1.1.0
1.0.8
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0-alpha.3
1.0.0-alpha.2
1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c43295eb7c'
${ noResults }
session-ios/SignalServiceKit/src/Loki/Docs/SessionReset.md

2.8 KiB
Raw Blame History

Loki Session Reset

Signal

Since Signal uses a centralised server, creating sessions is easy as the prekeys can be easily fetched.

The process is as follows:

  1. A deletes all their sessions and sends End Session to B
    • A contacts the server and creates a new session
  2. B Gets this message and deletes all sessions.
  3. B Sends a message with a newly created session
    • B contacted server and established this
  4. A and B now have the same sessions so they can delete any archived ones.

Loki

Loki doesn't have a centralised server and thus we need to change the process above with something similar.

We have to introduce a session reset state sessionState which can take the following states:

  • none: No session reset is in progress
  • initiated: We have initiated the session reset
  • received: We have received a session reset from the other user

The new process is as follows:

  1. A Sends End Session with a PreKeyBundle and archives its own session.
    • sessionState = initiated
    • The session is archived as we could get a message from B using the archived session, so we still want to be able to decrypt that.
    • We can show Session reset in progress
  2. B Gets this message and saves the PreKeyBundle and archives its own sessions.
    • sessionState = received
    • B sends an empty message, which will trigger a new session to be created.
    • B deletes the PreKeyBundle once session is created.
    • We can show Session reset in progress
  3. A and B both do the routine below when receiving messages.

Upon receiving message (Only applies to PreKey and Cipher messages)

  • Store the current active session PS
  • Decrypt the message
    • Decrypting a message can cause the active session to change
  • If sessionState == none then it means that we haven't started session reset and we can abort.
  • Get the current session CS
  • If PS is nil then abort as we didn't have a session before.
  • If CS != PS then sessions were changed.
    • If sessionState == received then it means that the sender used an old session to contact us. We need to wait for them to use the new one.
      • Archive CS and set the session to PS
    • If sessionState == initiated then it means that the sender acknowledged our session reset and sent a message with a new session
      • Delete all session except CS
      • sessionState = none
      • Send an empty message to confirm session adoption
      • We can show Session reset done
  • If CS == PS then sessions were the same.
    • If sessionState == received then it means that the new session we created is the one the sender used for sending message. We have successfully adopted the new session.
    • Delete all sessions except PS
    • sessionState = none
    • We can show Session reset done