passwordmanagercommon's Introduction

PasswordManagerCommon

PasswordManager Server and Client common utils

passwordmanagercommon's People

Contributors

johnytiago, nullbutc00l

passwordmanagercommon's Issues

Add Salt

As suggested in the discussion with the teacher, we should use a salt in the domain and username hashing to prevent fingerprinting.

We therefore need a way to generate one, and store it permanently. We also need to include the salt in the hashing of the domain and username.

Notes from the discussion

Non-Repudiation

  • Store the Hash of the information to guarantee non-repudiation of ALL operations that led to the current point in time;

Integrity and Confidentiality

  • In order to guarantee confidentiality of the information we must encrypt the triplet's fields individually.
    • The problem: RSA's asymmetric ciphering uses padding to guarantee that it won't weaken the encryption or the encryption key (in this case, the client's private key); but if used, the client won't be able to produce the same ciphered output and will therefore be unable to query the server;
    • The solution: In order to guarantee confidentiality and still keep the ability to query the server, we must store the hash of the ciphered fields User and Domain;
      • The problem: This raises another issue, which is that the server now has the ability to fingerprint the User and Domain fields;
      • The solution: the client must add a salt to the hashing mechanism, which he must share with his other devices, just like the private key; another option is to deterministically generate the salt from the private key;

Replay and Man-in-the-Middle

  • To prevent replay attacks, have a logical timestamp (incremental int); and to prevent the substitution of parts of the message, MAC the message with HMAC;
    • Generate a Diffie-Hellman key for the server to use; the client uses its private key;
  • No nonce challenges allowed; only the communication fields must be ciphered, the rest is clear text;
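The two mechanisms from the "Add Salt" issue and these notes, worked through as an added example (not code from the PasswordManagerCommon project): a salt derived deterministically from the client's key material so that every device of the same user computes the same lookup hashes, a keyed hash of the Domain and User fields that the server stores but cannot precompute without the salt, and an HMAC that binds an incrementing logical timestamp to the payload so that a replayed or spliced message is rejected. Using HMAC-SHA256 as the derivation function, the label string, the field names and the key bytes are all assumptions made for the demonstration.

```python
import hashlib
import hmac

# Constructed stand-ins for the per-user secret each client device holds.
# The notes allow the salt to be shared like the private key or derived from
# it; here it is derived, so every device computes the same salt on its own.
DEVICE_SECRET = b"constructed-private-key-material-for-demo"
OTHER_USER_SECRET = b"constructed-private-key-material-other-user"


def derive_salt(private_key_bytes: bytes, label: bytes = b"pm-lookup-salt") -> bytes:
    """Deterministic salt from the client's key material.

    Assumption: HMAC-SHA256 used as a simple key-derivation step (extract-style),
    with a fixed label so the salt is domain-separated from other derived keys.
    """
    return hmac.new(private_key_bytes, label, hashlib.sha256).digest()


def lookup_tag(salt: bytes, field: bytes) -> str:
    """Keyed hash of one triplet field (Domain or User) used as the server lookup key.

    Same salt + same field -> same tag, so any of the user's devices can query.
    Without the salt the server cannot build a table of tags for common domains
    or usernames, which is the fingerprinting problem the notes describe.
    """
    return hmac.new(salt, field, hashlib.sha256).hexdigest()


def mac_message(mac_key: bytes, counter: int, payload: bytes) -> bytes:
    """HMAC over the logical timestamp and the payload, binding the two together."""
    data = counter.to_bytes(8, "big") + payload
    return hmac.new(mac_key, data, hashlib.sha256).digest()


class ReplayGuard:
    """Server-side acceptance check: MAC must verify and the counter must strictly increase."""

    def __init__(self, mac_key: bytes) -> None:
        self.mac_key = mac_key
        self.last_counter = 0

    def accept(self, counter: int, payload: bytes, tag: bytes) -> bool:
        expected = mac_message(self.mac_key, counter, payload)
        # Constant-time comparison, and checked before the counter so that a
        # forged message can never advance the server's view of the timestamp.
        if not hmac.compare_digest(expected, tag):
            return False
        if counter <= self.last_counter:
            return False  # replayed or reordered message
        self.last_counter = counter
        return True


def demo() -> dict:
    """Run both mechanisms on constructed inputs and return the observable results."""
    salt_device_a = derive_salt(DEVICE_SECRET)
    salt_device_b = derive_salt(DEVICE_SECRET)  # second device, same user
    tag_a = lookup_tag(salt_device_a, b"example.com")
    tag_b = lookup_tag(salt_device_b, b"example.com")

    mac_key = b"constructed-session-mac-key"
    guard = ReplayGuard(mac_key)
    first = mac_message(mac_key, 1, b"PUT triplet")
    return {
        "devices_agree": tag_a == tag_b,
        "fresh_accepted": guard.accept(1, b"PUT triplet", first),
        "replay_rejected": not guard.accept(1, b"PUT triplet", first),
        "spliced_rejected": not guard.accept(2, b"GET triplet", mac_message(mac_key, 2, b"PUT triplet")),
    }


if __name__ == "__main__":
    print(demo())
```

The ordering inside `accept` matters: verifying the HMAC before touching the counter keeps an attacker who cannot forge tags from ever moving `last_counter`, and the counter is covered by the tag, so a captured message cannot be re-sent with a bumped timestamp.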

Methods should not catch exceptions

The crypto methods are catching the exceptions, which they should not be doing.
The exceptions should be thrown to make it easy to know further "up" the stack whether there was any mistake and where it happened.
