1 files changed, 16 insertions, 5 deletions
diff --git a/site/content/register_docs.md b/site/content/register_docs.md
index a387838..523ed57 100644
--- a/site/content/register_docs.md
+++ b/site/content/register_docs.md
@@ -8,7 +8,7 @@ POST request to `/register` endpoint
 Lets a user to authenticate themselves to the system.
 Only people who are enrolled to the class can open Gradecoin accounts.
-This is enforced with your Student ID and a one time password you will receive.
+This is enforced with your Student ID (e123456) and a one time password you will receive.
 # Authentication Process
@@ -24,11 +24,22 @@ This is enforced with your Student ID and a one time password you will receive.
 }
 ```
+## Cipher Initialization
+> Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
 - Pick a short temporary key (`k_temp`)
- Pick a random IV (`iv`).
+- Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`).
- Encrypt the serialized string of `P_AR` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
- The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
+## Encryption
+- Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
+- The temporary key you have picked `k_temp` is encrypted using RSA with [OAEP](https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding) padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
 - Base64 encode the IV (`iv`) as well.
+{% tidbit() %}
+The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard.
+{% end %}
 - The payload JSON object (`auth_request`) can be serialized now:
 ```json
@@ -40,4 +51,4 @@ This is enforced with your Student ID and a one time password you will receive.
 ```
 If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
-You can now sign JWTs to send authorized transaction requests.
+You can now sign [JWTs](@/JWT.md) to send authorized transaction requests.

diff --git a/site/content/register_docs.md b/site/content/register_docs.md index a387838..523ed57 100644 --- a/site/content/register_docs.md +++ b/site/content/register_docs.md
@@ -8,7 +8,7 @@ POST request to `/register` endpoint
8		8
9	Lets a user to authenticate themselves to the system.	9	Lets a user to authenticate themselves to the system.
10	Only people who are enrolled to the class can open Gradecoin accounts.	10	Only people who are enrolled to the class can open Gradecoin accounts.
11	This is enforced with your Student ID and a one time password you will receive.	11	This is enforced with your Student ID (e123456) and a one time password you will receive.
12		12
13	# Authentication Process	13	# Authentication Process
14		14
@@ -24,11 +24,22 @@ This is enforced with your Student ID and a one time password you will receive.
24	}	24	}
25	```	25	```
26		26
		27	## Cipher Initialization
		28
		29	> Since we are working with AES-128, both key and IV should be 128 bits (or 16 hexadecimal characters)
		30
27	- Pick a short temporary key (`k_temp`)	31	- Pick a short temporary key (`k_temp`)
28	- Pick a random IV (`iv`).	32	- Pick a random IV [1](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Initialization_vector_(IV)) [2](https://en.wikipedia.org/wiki/Initialization_vector) (`iv`).
29	- Encrypt the serialized string of `P_AR` with 128 bit block AES in CBC mode with Pkcs7 padding using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.	33
30	- The temporary key you have picked `k_temp` is encrypted using RSA with OAEP padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.	34	## Encryption
		35	- Encrypt the serialized string of `P_AR` with 128 bit block [AES](https://en.wikipedia.org/wiki/Initialization_vector) in [CBC](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#CBC) mode with [Pkcs7 padding](https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Padding) using the temporary key (`k_temp`), the result is `C_AR`. Encode this with base64.
		36	- The temporary key you have picked `k_temp` is encrypted using RSA with [OAEP](https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding) padding scheme using SHA-256 with `gradecoin_public_key`, giving us `key_ciphertext`. Encode this with base64.
31	- Base64 encode the IV (`iv`) as well.	37	- Base64 encode the IV (`iv`) as well.
		38
		39	{% tidbit() %}
		40	The available tools and libraries might warn you about how using the primitives given above are "hazardous". They are, crypto is hard.
		41	{% end %}
		42
32	- The payload JSON object (`auth_request`) can be serialized now:	43	- The payload JSON object (`auth_request`) can be serialized now:
33		44
34	```json	45	```json
@@ -40,4 +51,4 @@ This is enforced with your Student ID and a one time password you will receive.
40	```	51	```
41		52
42	If your authentication process was valid, you will be given access and your public key fingerprint that is your address.	53	If your authentication process was valid, you will be given access and your public key fingerprint that is your address.
43	You can now sign JWTs to send authorized transaction requests.	54	You can now sign [JWTs](@/JWT.md) to send authorized transaction requests.