Clarify documentation about MAC key

2015-08-22 13:28:28 +02:00 · 2015-08-22 13:28:28 +02:00 · b6872fb454
parent 16e87d7208
commit b6872fb454
1 changed files with 7 additions and 7 deletions
--- a/doc/Design.md
+++ b/doc/Design.md
@ -249,13 +249,13 @@ These last 32 bytes are divided into a 16 byte AES key `k` followed by 16 bytes
 of secret key `r`. They key `r` is then masked for use with Poly1305 (see the
 paper for details).
-This message authentication key is used to compute a MAC over the bytes contained
+This message authentication key (`k` and `r`) is used to compute a MAC over the
-in the JSON field `data` (after removing the Base64 encoding and not including
+bytes contained in the JSON field `data` (after removing the Base64 encoding
-the last 32 byte). If the password is incorrect or the key file has been
+and not including the last 32 byte). If the password is incorrect or the key
-tampered with, the computed MAC will not match the last 16 bytes of the data,
+file has been tampered with, the computed MAC will not match the last 16 bytes
-and restic exits with an error. Otherwise, the data is decrypted with the
+of the data, and restic exits with an error. Otherwise, the data is decrypted
-encryption key derived from `scrypt`. This yields a JSON document which
+with the encryption key derived from `scrypt`. This yields a JSON document
-contains the master encryption and message authentication keys for this
+which contains the master encryption and message authentication keys for this
 repository (encoded in Base64). The command `restic cat masterkey` can be used
 as follows to decrypt and pretty-print the master key: