Anthropic-Cybersecurity-Skills/skills/implementing-end-to-end-encryption-for-messaging/references/workflows.md

# Workflows - End-to-End Encryption for Messaging

## Workflow 1: X3DH Key Agreement

```
Alice (initiator)                 Server                  Bob (responder)
  |                                 |                         |
  |                                 |<-- Register:            |
  |                                 |    Identity Key (IK_B)  |
  |                                 |    Signed PreKey (SPK_B)|
  |                                 |    One-Time PreKeys     |
  |                                 |                         |
  |-- Fetch Bob's Keys ----------->|                         |
  |<-- IK_B, SPK_B, OPK_B --------|                         |
  |                                 |                         |
  [Compute shared secret]:                                    |
  DH1 = DH(IK_A, SPK_B)                                     |
  DH2 = DH(EK_A, IK_B)                                      |
  DH3 = DH(EK_A, SPK_B)                                     |
  DH4 = DH(EK_A, OPK_B)                                     |
  SK = HKDF(DH1 || DH2 || DH3 || DH4)                      |
  |                                 |                         |
  |-- Send Initial Message ------->|-- Forward to Bob ------>|
  |   (IK_A, EK_A, OPK_id, msg)   |                         |
  |                                 |   [Bob computes same SK]|
```

## Workflow 2: Double Ratchet (Sending)

```
[Message to Send]
      |
[Check: Do we have recipient's new DH public key?]
  YES --> [DH Ratchet Step]
          - Generate new DH key pair
          - Compute DH shared secret
          - Derive new root key + sending chain key via HKDF
  NO  --> [Continue with current sending chain]
      |
[Symmetric Ratchet: Derive message key from sending chain]
(chain_key, message_key) = HMAC(chain_key, constants)
      |
[Encrypt message with AES-256-GCM using message_key]
      |
[Include header: DH public key, previous chain length, message number]
      |
[Delete message_key from memory]
```

## Workflow 3: Double Ratchet (Receiving)

```
[Received Encrypted Message + Header]
      |
[Check DH public key in header]
  [New key?]
    YES --> [DH Ratchet Step]
            - Compute DH shared secret
            - Derive new root key + receiving chain key
    NO  --> [Use current receiving chain]
      |
[Symmetric Ratchet: Derive message key]
      |
[Decrypt message with AES-256-GCM]
      |
[Verify authentication tag]
  FAIL --> Reject message
  PASS --> Return plaintext
      |
[Delete message_key from memory]
```

## Workflow 4: Session Lifecycle

```
[Initial Contact] --> [X3DH Key Exchange]
                            |
                      [Initialize Double Ratchet]
                            |
                      [Exchange Messages]
                      (DH ratchet + symmetric ratchet)
                            |
                      [Periodic DH Ratchet]
                      (every N messages or on reply)
                            |
                      [Session End / Archive]
```