From 1f0531879edd88c304db3bbd14937f89ee3087ca Mon Sep 17 00:00:00 2001 From: Gab <24553253+gabrix73@users.noreply.github.com> Date: Fri, 6 Jun 2025 13:53:39 +0200 Subject: Update README.md --- README.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'README.md') diff --git a/README.md b/README.md index 29c8497..fd320e0 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,28 @@ Encrypted communication is based on shared **Session IDs**, which encapsulate th - Once both sides are synchronized, they can start exchanging encrypted text. --- +## πŸ“Œ What Is the Session ID? + +The `Session ID` is not a simple string or UUID β€” it's a **cryptographic descriptor** of the secure session. +It contains all the necessary public information to allow the other party to **synchronize**, encrypt, and verify the session context. + +### πŸ” Composition of a Session ID + +- πŸ”‘ The **public key** of the sender (Kyber1024-90s) +- 🧬 A **nonce** β€” a unique 24-byte random seed +- 🧠 Optionally, a digital signature (Dilithium5-AES) for verifying the identity +- πŸ†” A hashed session fingerprint using BLAKE2b + +> Think of it like a β€œtemporary public key” for a one-time encrypted channel. + +### 🧩 Why it matters + +Sharing this `Session ID` allows another user to: +- Derive a **shared secret** via post-quantum KEM +- Bind their session securely to yours +- Encrypt data you alone can decrypt (and vice versa) + +---- ## πŸ’₯ End Session = Total Key Destruction -- cgit v1.2.3