X-Git-Url: http://www.git.cypherpunks.ru/?p=nncp.git;a=blobdiff_plain;f=doc%2Feblob.texi;h=a7e9b8f47d43c6cf5d5642950845d8e18955ee87;hp=256e6d1e0dcc787677730f2a64c3bb91d80908ae;hb=203dfe36da7adf2b3089e4fa4017a67409cbad70;hpb=0fad171c0d79ad583c0faf5427e22d1d62a0a52d

diff --git a/doc/eblob.texi b/doc/eblob.texi
index 256e6d1..a7e9b8f 100644
--- a/doc/eblob.texi
+++ b/doc/eblob.texi
@@ -1,7 +1,9 @@
 @node EBlob
+@cindex eblob
+@cindex encrypted configuration
 @unnumbered EBlob format
 
-Eblob is an encrypted blob (binary large object, in the terms of
+EBlob is an encrypted blob (binary large object, in the terms of
 databases), holding any kind of symmetrically encrypted data with the
 passphrase used to derive the key. It is used to secure configuration
 files, holding valuable private keys, allowing them to be transferred
@@ -20,6 +22,9 @@ is @strong{not} the password. Password is a short string of high entropy
 low-entropy characters. Low-entropy text is much more easier to
 remember, and its length provides pretty enough entropy as a result.
 
+@cindex password
+@cindex balloon
+@cindex Argon2
 Password strengthening function is applied to that passphrase to
 mitigate brute-force and dictionary attacks on it. Here,
 @url{https://crypto.stanford.edu/balloon/, Balloon} memory-hard password
@@ -29,7 +34,7 @@ attacks and seems more secure than Argon2
 (@url{https://password-hashing.net/, Password Hashing Competition}
 winner).
 
-Eblob is an @url{https://tools.ietf.org/html/rfc4506, XDR}-encoded structure:
+EBlob is an @url{https://tools.ietf.org/html/rfc4506, XDR}-encoded structure:
 
 @verbatim
 +-------+------------------+------+
@@ -54,15 +59,8 @@ Eblob is an @url{https://tools.ietf.org/html/rfc4506, XDR}-encoded structure:
 @end multitable
 
 @enumerate
-@item generate the main key using @code{balloon(BLAKE2b-256, S, T, P,
-salt, password)}
-@item initialize @url{https://blake2.net/, BLAKE2Xb} XOF with generated
-main key and 32-byte output length
-@item feed @verb{|N N C P B 0x00 0x00 0x03|} magic number to XOF
-@item read 32-bytes of blob AEAD encryption key
+@item generate the key using @code{balloon(BLAKE2b-256, S, T, P, salt, password)}
 @item encrypt and authenticate blob using
     @url{https://cr.yp.to/chacha.html, ChaCha20}-@url{https://en.wikipedia.org/wiki/Poly1305, Poly1305}.
-    Blob is divided on 128 KiB blocks. Each block is encrypted with
-    increasing nonce counter. Eblob packet itself, with empty blob
-    field, is fed as an additional authenticated data
+    EBlob packet itself, with empty blob field, is fed as an additional authenticated data
 @end enumerate