Changing keys

ATTENTION: This is currently only a design document; none of this is implemented!

Changing Symmetric Keys

Changing Asymmetric Keys

Adding Key Pairs

Recovery from Attacks

Recovery after someone got to know any of the symmetric keys

If attacker didn't change the loginKey

In this case, the user can log in and use his account without restrictions. However, the attacker's access must be revoked:

If attacker changed the loginKey AND user has an offline backup of the key pairs

If attacker changed the loginKey AND user doesn't have an offline backup of the key pairs