From b9771dae613fa7094ab01c05faedde5e391b2d94 Mon Sep 17 00:00:00 2001
From: Richard van der Hoff <richard@matrix.org>
Date: Mon, 23 Nov 2020 18:31:08 +0000
Subject: [PATCH] DH ratchet sequence diagram

---
 docs/DH ratchet.svg |  1 +
 docs/DH ratchet.txt | 39 +++++++++++++++++++++++++++++++++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 docs/DH ratchet.svg
 create mode 100644 docs/DH ratchet.txt

diff --git a/docs/DH ratchet.svg b/docs/DH ratchet.svg
new file mode 100644
index 0000000..b8f7f0d
--- /dev/null
+++ b/docs/DH ratchet.svg	
@@ -0,0 +1 @@
+<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="1125" height="1049"><defs/><g><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g/><g><rect fill="white" stroke="none" x="0" y="0" width="1125" height="1049"/></g><g/><g><path fill="none" stroke="white" paint-order="fill stroke markers" d=" M 26.228017155370363 81.198525942 L 26.228017155370363 1049.3710845882813" stroke-miterlimit="10" stroke-width="1.2565541"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 296.27010115290386 81.198525942 L 296.27010115290386 1049.3710845882813" stroke-miterlimit="10" stroke-width="1.2565541"/><path fill="none" stroke="white" paint-order="fill stroke markers" d=" M 566.3121851504374 81.198525942 L 566.3121851504374 1049.3710845882813" stroke-miterlimit="10" stroke-width="1.2565541"/><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 832.8915816556002 81.198525942 L 832.8915816556002 1049.3710845882813" stroke-miterlimit="10" stroke-width="1.2565541"/><path fill="none" stroke="white" paint-order="fill stroke markers" d=" M 1099.470978160763 81.198525942 L 1099.470978160763 1049.3710845882813" stroke-miterlimit="10" stroke-width="1.2565541"/></g><g><path fill="none" stroke="none"/><g><path fill="white" stroke="none" paint-order="stroke fill markers" d=" M 7.5393246000000005 40.636959594000004 L 44.916709710740726 40.636959594000004 L 44.916709710740726 81.198525942 L 7.5393246000000005 81.198525942 L 7.5393246000000005 40.636959594000004 Z"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="23.899658982000002" y="66.119876742" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text></g><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 304.86493119690385 17.415839825999996 A 8.594830044 8.594830044 0 1 1 304.8649268994892 17.407244997388464 M 296.27010115290386 26.010669869999997 L 296.27010115290386 44.406621894 M 285.41347372890385 32.645275518 L 307.1267285769039 32.645275518 M 296.27010115290386 44.406621894 L 285.41347372890385 61.596281982 M 296.27010115290386 44.406621894 L 307.1267285769039 61.596281982" stroke-miterlimit="10" stroke-width="2.5633703640000003" stroke-dasharray=""/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="278.6357723107408" y="76.674931182" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Alice</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="none" paint-order="stroke fill markers" d=" M 547.623492595067 40.636959594000004 L 585.0008777058077 40.636959594000004 L 585.0008777058077 81.198525942 L 547.623492595067 81.198525942 L 547.623492595067 40.636959594000004 Z"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="563.983826977067" y="66.119876742" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text></g><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 841.4864116996002 17.415839825999996 A 8.594830044 8.594830044 0 1 1 841.4864074021856 17.407244997388464 M 832.8915816556002 26.010669869999997 L 832.8915816556002 44.406621894 M 822.0349542316003 32.645275518 L 843.7482090796002 32.645275518 M 832.8915816556002 44.406621894 L 822.0349542316003 61.596281982 M 832.8915816556002 44.406621894 L 843.7482090796002 61.596281982" stroke-miterlimit="10" stroke-width="2.5633703640000003" stroke-dasharray=""/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="818.7199403058078" y="76.674931182" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">Bob</text></g><path fill="none" stroke="none"/><g><path fill="white" stroke="none" paint-order="stroke fill markers" d=" M 1080.7822856053926 40.636959594000004 L 1118.1596707161334 40.636959594000004 L 1118.1596707161334 81.198525942 L 1080.7822856053926 81.198525942 L 1080.7822856053926 40.636959594000004 Z"/></g><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="1097.1426199873927" y="66.119876742" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> </text></g></g><g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 202.50327401881452 111.355824342 L 390.0369282869932 111.355824342 L 390.0369282869932 146.03671750200002 L 202.50327401881452 146.03671750200002 L 202.50327401881452 111.355824342" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="223.6133828988145" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="258.9566675057481" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> = </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="280.56860788965923" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(0, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="351.2551771035264" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">S</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="360.0909982552598" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 739.1247545215109 111.355824342 L 926.6584087896896 111.355824342 L 926.6584087896896 146.03671750200002 L 739.1247545215109 146.03671750200002 L 739.1247545215109 111.355824342" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="760.2348634015109" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="795.5781480084445" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> = </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="817.1900883923556" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(0, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="887.8766576062228" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">S</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="896.7124787579562" y="132.46593322200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 146.28685765986677 168.654691302 L 446.25334464594096 168.654691302 L 446.25334464594096 203.335584462 L 146.28685765986677 203.335584462 L 146.28685765986677 168.654691302" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="167.39696653986675" y="189.76480018200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">generate new ratchet keypair </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="389.7999511590074" y="189.76480018200002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[0]</text></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="225.953558262" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="239.524342542" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="239.524342542" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="239.524342542" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg0</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="239.524342542" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="239.524342542" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="239.524342542" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[0]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 296.27010115290386 245.555802222 L 820.4768271476003 245.555802222" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(832.8915816556002,245.555802222) translate(-832.8915816556002,-245.555802222)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 820.3260406556002 239.273031722 L 832.8915816556002 245.555802222 L 820.3260406556002 251.838572722 Z"/></g></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="268.173776022" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="281.7445603020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="281.7445603020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="281.7445603020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg1</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="281.7445603020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="281.7445603020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="281.7445603020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[0]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 296.27010115290386 287.77601998200004 L 820.4768271476003 287.77601998200004" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(832.8915816556002,287.77601998200004) translate(-832.8915816556002,-287.77601998200004)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 820.3260406556002 281.493249482 L 832.8915816556002 287.77601998200004 L 820.3260406556002 294.05879048200006 Z"/></g></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="310.39399378200005" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="323.96477806200005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="323.96477806200005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="323.96477806200005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg2</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="323.96477806200005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="323.96477806200005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="323.96477806200005" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[0]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 296.27010115290386 329.99623774200006 L 820.4768271476003 329.99623774200006" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(832.8915816556002,329.99623774200006) translate(-832.8915816556002,-329.99623774200006)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 820.3260406556002 323.71346724200004 L 832.8915816556002 329.99623774200006 L 820.3260406556002 336.2790082420001 Z"/></g></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 682.9083381625632 352.6142115420001 L 982.8748251486373 352.6142115420001 L 982.8748251486373 387.29510470200006 L 682.9083381625632 387.29510470200006 L 682.9083381625632 352.6142115420001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="704.0184470425631" y="373.7243204220001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">generate new ratchet keypair </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="926.4214316617038" y="373.7243204220001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 668.4381872149924 409.9130785020001 L 997.3449760962081 409.9130785020001 L 997.3449760962081 444.59397166200006 L 668.4381872149924 444.59397166200006 L 668.4381872149924 409.9130785020001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="689.5482960949923" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="724.8915807019259" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> = </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="746.5035210858371" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="790.6826249371554" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="826.025909544089" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, DH(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="870.2050133954074" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="905.548298002341" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="923.2199403058078" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="958.5632249127414" y="431.02318738200006" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">))</text></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="467.2119454620001" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="480.78272974200013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="480.78272974200013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="480.78272974200013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg3</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="480.78272974200013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="480.78272974200013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="480.78272974200013" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 832.8915816556002 486.8141894220001 L 308.68485566090385 486.8141894220001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(296.27010115290386,486.8141894220001) translate(-296.27010115290386,-486.8141894220001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 308.83564215290386 480.53141892200006 L 296.27010115290386 486.8141894220001 L 308.83564215290386 493.0969599220001 Z"/></g></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 131.81670671229597 509.4321632220001 L 460.72349559351176 509.4321632220001 L 460.72349559351176 544.1130563820001 L 131.81670671229597 544.1130563820001 L 131.81670671229597 509.4321632220001" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="152.92681559229595" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="188.27010019922955" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> = </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="209.88204058314068" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="254.06114443445904" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="289.40442904139263" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, DH(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="333.583532892711" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[0]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="368.9268174996446" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="386.5984598031114" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="421.941744410045" y="530.5422721020001" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">))</text></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="566.731030182" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="580.301814462" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="580.301814462" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="580.301814462" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg4</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="580.301814462" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="580.301814462" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="580.301814462" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 832.8915816556002 586.333274142 L 308.68485566090385 586.333274142" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(296.27010115290386,586.333274142) translate(-296.27010115290386,-586.333274142)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 308.83564215290386 580.0505036420001 L 296.27010115290386 586.333274142 L 308.83564215290386 592.616044642 Z"/></g></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="663.0657147123576" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="676.6364989923576" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="676.6364989923576" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="676.6364989923576" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg5</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="676.6364989923576" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="676.6364989923576" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="676.6364989923576" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 832.8915816556002 608.9512479420001 L 307.9312003602878 800.714005069156" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(296.27010115290386,804.9736875420001) rotate(-20.06674117734117,0,0) translate(-296.27010115290386,-804.9736875420001)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 308.83564215290386 798.6909170420001 L 296.27010115290386 804.9736875420001 L 308.83564215290386 811.2564580420001 Z"/><g transform="rotate(20.06674117734117,0,0)"/></g></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 146.28685765986677 639.1085463420002 L 446.25334464594096 639.1085463420002 L 446.25334464594096 673.7894395020002 L 146.28685765986677 673.7894395020002 L 146.28685765986677 639.1085463420002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="167.39696653986675" y="660.2186552220002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">generate new ratchet keypair </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="389.7999511590074" y="660.2186552220002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[2]</text></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 131.81670671229597 696.4074133020002 L 460.72349559351176 696.4074133020002 L 460.72349559351176 731.0883064620002 L 131.81670671229597 731.0883064620002 L 131.81670671229597 696.4074133020002" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="152.92681559229595" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[2]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="188.27010019922955" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> = </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="209.88204058314068" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="254.06114443445904" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="289.40442904139263" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, DH(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="333.583532892711" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[2]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="368.9268174996446" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="386.5984598031114" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="421.941744410045" y="717.5175221820002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">))</text></g><g><g><rect fill="white" stroke="none" x="495.8115796153775" y="753.7062802620002" width="137.53852357774903" height="19.602243960000003"/></g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="498.07337699537754" y="767.2770645420002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[2]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="533.4166616023111" y="767.2770645420002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="542.2524827540445" y="767.2770645420002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg6</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="577.5957673609781" y="767.2770645420002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="586.4315885127115" y="767.2770645420002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="595.745021206193" y="767.2770645420002" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[2]</text></g><g><path fill="none" stroke="black" paint-order="fill stroke markers" d=" M 296.27010115290386 756.2969755919177 L 820.5207036821353 800.4900868387225" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g transform="translate(832.8915816556002,801.5329231919177) rotate(4.818509420050672,0,0) translate(-832.8915816556002,-801.5329231919177)"><path fill="black" stroke="none" paint-order="stroke fill markers" d=" M 820.3260406556002 795.2501526919177 L 832.8915816556002 801.5329231919177 L 820.3260406556002 807.8156936919177 Z"/><g transform="rotate(-4.818509420050672,0,0)"/></g></g><path fill="white" stroke="black" paint-order="fill stroke markers" d=" M 668.4381872149924 824.1508969919178 L 997.3449760962081 824.1508969919178 L 997.3449760962081 858.8317901519177 L 668.4381872149924 858.8317901519177 L 668.4381872149924 824.1508969919178" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="689.5482960949923" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[2]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="724.8915807019259" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> = </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="746.5035210858371" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="790.6826249371554" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="826.025909544089" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, DH(</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="870.2050133954074" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[1]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="905.548298002341" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="italic" font-weight="normal" text-decoration="normal" x="923.2199403058078" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[2]</text><text fill="black" stroke="none" font-family="monospace" font-size="11pt" font-style="normal" font-weight="normal" text-decoration="normal" x="958.5632249127414" y="845.2610058719177" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">))</text></g><path fill="#EDF2AE" stroke="black" paint-order="fill stroke markers" d=" M 12.657232875370362 881.4497639519177 L 1113.041762440763 881.4497639519177 L 1113.041762440763 996.5958123882814 L 12.657232875370362 996.5958123882814 L 12.657232875370362 881.4497639519177" stroke-miterlimit="10" stroke-width="1.2565541" stroke-dasharray=""/><g><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="901.3261651700996" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">where:</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="915.0340280791904" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">  </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="154.9091905177164" y="915.0340280791904" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">S</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="162.93904147749424" y="915.0340280791904" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> is the shared secret derived from the 3ECDH exchange</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="928.7418909882813" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">  </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="154.9091905177164" y="928.7418909882813" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[n]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="187.02859435682774" y="928.7418909882813" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> is a root key</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="942.4497538973721" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">  </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="154.9091905177164" y="942.4497538973721" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">T[n]</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="187.02859435682774" y="942.4497538973721" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> is a ratchet keypair</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">  </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="154.9091905177164" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">HKDF(</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="195.05844436293125" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">salt</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="227.17784820204258" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="243.23755012159825" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">key</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="267.3271020472574" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="275.35695300703526" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> means performing an HMAC-based key derivation with a salt value of </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="746.5062144816446" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">salt</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="778.625618320756" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and input key material of </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="955.177864414506" y="956.157616806463" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">key</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">  </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="154.9091905177164" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">DH(</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="178.9987424433756" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">k1</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="195.05844436293125" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">, </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="211.11814628248692" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">k2</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="227.17784820204258" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="235.20769916182041" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> means performing Diffie-Hellman with the private half of </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="622.0285914958048" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">k1</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="638.0882934153605" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> and the public half of </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="788.4017242014933" y="969.8654797155539" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">k2</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="146.43157897596836" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">  </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="154.9091905177164" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[n]</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="187.02859435682774" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">(</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="195.05844531660557" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">msg</text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="219.14799724226475" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">)</text><text fill="black" stroke="none" font-family="sans-serif" font-size="10pt" font-style="normal" font-weight="normal" text-decoration="normal" x="227.17784820204258" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve"> means a message encrypted with a key derived from root key </text><text fill="black" stroke="none" font-family="monospace" font-size="10pt" font-style="italic" font-weight="normal" text-decoration="normal" x="649.6554482996988" y="983.5733426246447" text-anchor="start" dominant-baseline="alphabetic" xml:space="preserve">R[n]</text></g></g></g></svg>
\ No newline at end of file
diff --git a/docs/DH ratchet.txt b/docs/DH ratchet.txt
new file mode 100644
index 0000000..b52e983
--- /dev/null
+++ b/docs/DH ratchet.txt	
@@ -0,0 +1,39 @@
+lifelinestyle ::solid
+participantspacing 10
+
+participant :0 " " as p0
+lifelinestyle p0 #white
+
+actor "Alice" as A
+
+participant :0 " " as p1
+lifelinestyle p1 #white
+
+actor "Bob" as B
+
+participant :0 " " as p2
+lifelinestyle p2 #white
+
+
+parallel
+box over A: ""//R[0]//"" = ""HKDF(0, //S//)""
+box over B: ""//R[0]//"" = ""HKDF(0, //S//)""
+parallel off
+
+box over A: generate new ratchet keypair ""//T[0]//""
+A->B: ""//R[0]//(//msg0//)"", ""//T[0]//""
+A->B: ""//R[0]//(//msg1//)"", ""//T[0]//""
+A->B: ""//R[0]//(//msg2//)"", ""//T[0]//""
+box over B: generate new ratchet keypair ""//T[1]//""
+box over B: ""//R[1]//"" = ""HKDF(//R[0]//, DH(//T[1]//, //T[0]//))""
+B->A: ""//R[1]//(//msg3//)"", ""//T[1]//""
+box over A: ""//R[1]//"" = ""HKDF(//R[0]//, DH(//T[0]//, //T[1]//))""
+B->A: ""//R[1]//(//msg4//)"", ""//T[1]//""
+B->(13)A: ""//R[1]//(//msg5//)"", ""//T[1]//""
+space -14
+box over A: generate new ratchet keypair ""//T[2]//""
+box over A: ""//R[2]//"" = ""HKDF(//R[1]//, DH(//T[2]//, //T[1]//))""
+A->(3)B: ""//R[2]//(//msg6//)"", ""//T[2]//""
+box over B: ""//R[2]//"" = ""HKDF(//R[1]//, DH(//T[1]//, //T[2]//))""
+
+box over p0,p2 #EDF2AE:<size:10>where:\n  ""//S//"" is the shared secret derived from the 3ECDH exchange\n  ""//R[n]//"" is a root key\n  ""//T[n]//"" is a ratchet keypair\n  ""HKDF(//salt//, //key//)"" means performing an HMAC-based key derivation with a salt value of ""//salt//"" and input key material of ""//key//""\n  ""DH(//k1//, //k2//)"" means performing Diffie-Hellman with the private half of ""//k1//"" and the public half of ""//k2//""\n  ""//R[n]//(//msg//)"" means a message encrypted with a key derived from root key ""//R[n]//""
\ No newline at end of file