Documentation ¶
Index ¶
- Constants
- func GenerateBlindedTokenBatch(num int) (tokens []*Token, blindedTokens []BlindedToken)
- func UnblindSignedTokenBatch(tokens []*Token, blindedTokens []BlindedToken, signedTokens []SignedToken, ...) bool
- func VerifyDiscreteLogEquivalenceProof(dleq DLEQProof, X *ristretto.Element, Y *ristretto.Element, ...) bool
- type BlindedToken
- type DLEQProof
- type SignedBatchWithProof
- type SignedToken
- type SpentToken
- type Token
- type TokenPaymentHandler
- type TokenServer
- func (ts *TokenServer) Close()
- func (ts *TokenServer) SignBlindedToken(bt BlindedToken) SignedToken
- func (ts *TokenServer) SignBlindedTokenBatch(blindedTokens []BlindedToken, transcript *core.Transcript) (*SignedBatchWithProof, error)
- func (ts *TokenServer) SignBlindedTokenBatchWithConstraint(blindedTokens []BlindedToken, constraintToken []byte, ...) (*SignedBatchWithProof, error)
- func (ts *TokenServer) SpendToken(token SpentToken, data []byte) error
Constants ¶
const (
    BatchProofProtocol = "privacy-pass-batch-proof"
    BatchProofX        = "X-batch"
    BatchProofY        = "Y-batch"
    BatchProofPVector  = "P-vector"
    BatchProofQVector  = "Q-vector"
    DLEQX              = "X"
    DLEQY              = "Y"
    DLEQP              = "P"
    DLEQQ              = "Q"
    DLEQA              = "A"
    DLEQB              = "B"
)
Transcript Constants
Variables ¶
This section is empty.
Functions ¶
func GenerateBlindedTokenBatch ¶
func GenerateBlindedTokenBatch(num int) (tokens []*Token, blindedTokens []BlindedToken)
GenerateBlindedTokenBatch generates a batch of blinded tokens (and their unblinded equivalents)
func UnblindSignedTokenBatch ¶
func UnblindSignedTokenBatch(tokens []*Token, blindedTokens []BlindedToken, signedTokens []SignedToken, Y *ristretto.Element, proof DLEQProof, transcript *core.Transcript) bool
UnblindSignedTokenBatch takes a set of tokens, their blinded and signed counterparts, the server public key (Y), a DLEQ proof and a transcript. It verifies that the signing procedure has taken place correctly and unblinds the tokens.
func VerifyDiscreteLogEquivalenceProof ¶
func VerifyDiscreteLogEquivalenceProof(dleq DLEQProof, X *ristretto.Element, Y *ristretto.Element, P *ristretto.Element, Q *ristretto.Element, transcript *core.Transcript) bool
VerifyDiscreteLogEquivalenceProof verifies the DLEQ for the given parameters and transcript.
Given Y = kX & Q = kP and Proof = (c,s)
Vicky: X' := sX
       Y' := cY
       P' := sP
       Q' := cQ
       A' = X'+Y' == sX + cY ?= sX + ckX == (s+ck)X == tX == A
       B' = P'+Q' == sP + cQ ?= sP + ckP == (s+ck)P == tP == B
       c' := H(transcript(X,Y,P,Q,A',B'))
Tests c ?= c'
Types ¶
type BlindedToken ¶
BlindedToken encapsulates a Blinded Token
type DLEQProof ¶
DLEQProof encapsulates a Chaum-Pedersen DLEQ proof. In Ernest F. Brickell, editor, CRYPTO '92, volume 740 of LNCS, pages 89–105. Springer, Heidelberg, August 1993.
func DiscreteLogEquivalenceProof ¶
func DiscreteLogEquivalenceProof(k *ristretto.Scalar, X *ristretto.Element, Y *ristretto.Element, P *ristretto.Element, Q *ristretto.Element, transcript *core.Transcript) DLEQProof
DiscreteLogEquivalenceProof constructs a valid DLEQProof for the given parameters and transcript.
Given Y = kX & Q = kP
Peggy: t := choose randomly from Zq
       A := tX
       B := tP
       c := H(transcript(X,Y,P,Q,A,B))
       s := (t + ck) mod q
Sends c,s to Vicky
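The prover and verifier steps listed for DiscreteLogEquivalenceProof and VerifyDiscreteLogEquivalenceProof, as an added, standard-library-only example that is not this package's code. Assumptions: P-256 (via crypto/elliptic's low-level point API) stands in for ristretto255, a plain SHA-256 hash stands in for core.Transcript, the scalars in Demo are constructed, and all function names are hypothetical. The response is computed as s = t - ck, the form for which the verifier's relation (s+ck)X == tX holds; Demo also shows that a token signed under a key other than the published Y is rejected.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)

var curve, N = elliptic.P256(), elliptic.P256().Params().N // assumed stand-in for ristretto255
type Point struct{ X, Y *big.Int }
type Proof struct{ C, S *big.Int }

func pt(x, y *big.Int) Point { return Point{x, y} }
func mul(k *big.Int, p Point) Point { return pt(curve.ScalarMult(p.X, p.Y, k.Bytes())) }
func add(a, b Point) Point { return pt(curve.Add(a.X, a.Y, b.X, b.Y)) }

// challenge computes c = H(X,Y,P,Q,A,B) mod N (SHA-256 assumed in place of the transcript).
func challenge(pts ...Point) *big.Int {
	h := sha256.New()
	for _, p := range pts {
		h.Write(append(p.X.FillBytes(make([]byte, 32)), p.Y.FillBytes(make([]byte, 32))...))
	}
	return new(big.Int).Mod(new(big.Int).SetBytes(h.Sum(nil)), N)
}

// Prove shows that Y = kX and Q = kP share the same k without revealing it.
func Prove(k *big.Int, X, Y, P, Q Point) Proof {
	t, err := rand.Int(rand.Reader, N)
	if err != nil {
		panic(err)
	}
	c := challenge(X, Y, P, Q, mul(t, X), mul(t, P))            // A = tX, B = tP
	return Proof{c, t.Sub(t, new(big.Int).Mul(c, k)).Mod(t, N)} // s = t - ck mod N
}

// Verify recomputes A' = sX + cY and B' = sP + cQ, then tests c' == c.
func Verify(pr Proof, X, Y, P, Q Point) bool {
	A, B := add(mul(pr.S, X), mul(pr.C, Y)), add(mul(pr.S, P), mul(pr.C, Q))
	return challenge(X, Y, P, Q, A, B).Cmp(pr.C) == 0
}

func Demo() (honest, wrongKey bool) {
	G, k, k2 := Point{curve.Params().Gx, curve.Params().Gy}, big.NewInt(1234567), big.NewInt(7654321)
	Y, P := mul(k, G), mul(big.NewInt(424242), G) // constructed: public key Y = kG, blinded token P
	Q, bad := mul(k, P), mul(k2, P)               // signed with k; signed with a different key k2
	return Verify(Prove(k, G, Y, P, Q), G, Y, P, Q), Verify(Prove(k2, G, Y, P, bad), G, Y, P, bad)
}
func main() { fmt.Println(Demo()) }
```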
type SignedBatchWithProof ¶
type SignedBatchWithProof struct {
    SignedTokens []SignedToken `json:"st"`
    Proof        DLEQProof     `json:"dp"`
}
SignedBatchWithProof encapsulates a signed batch of blinded tokens with a batch proof for verification
type SignedToken ¶
SignedToken encapsulates a Signed (Blinded) Token
type SpentToken ¶
SpentToken encapsulates the parameters needed to spend a Token
type Token ¶
Token is an implementation of PrivacyPass. Davidson A, Goldberg I, Sullivan N, Tankersley G, Valsorda F. Privacy pass: Bypassing internet challenges anonymously. Proceedings on Privacy Enhancing Technologies. 2018 Jun 1;2018(3):164-80.
func (*Token) GenBlindedToken ¶
func (t *Token) GenBlindedToken() BlindedToken
GenBlindedToken initializes the Token: GenToken() & Blind()
func (Token) MarshalJSON ¶ added in v0.6.0
MarshalJSON: in order to store tokens in a serialized form we need to expose the private, unexported value `t`. Note that `r` is not needed to spend the token, and as such we effectively destroy it when we serialize. Ideally, Go would let us do this with an annotation, alas.
func (*Token) SpendToken ¶
func (t *Token) SpendToken(data []byte) SpentToken
SpendToken binds the token with data and then redeems the token
type TokenPaymentHandler ¶
type TokenPaymentHandler interface {
    MakePayment()
    // Next Token
    NextToken(data []byte, hostname string) (SpentToken, error)
}
TokenPaymentHandler defines an interface with external payment processors
type TokenServer ¶
TokenServer implements a token server.
func NewTokenServer ¶
func NewTokenServer() *TokenServer
NewTokenServer generates a new TokenServer (used mostly for testing with ephemeral instances)
func NewTokenServerFromStore ¶
func NewTokenServerFromStore(k *ristretto.Scalar, persistenceService persistence.Service) *TokenServer
NewTokenServerFromStore generates a new TokenServer backed by a persistence service.
func (*TokenServer) Close ¶ added in v0.4.0
func (ts *TokenServer) Close()
Close ensures that the database is properly closed...
func (*TokenServer) SignBlindedToken ¶
func (ts *TokenServer) SignBlindedToken(bt BlindedToken) SignedToken
SignBlindedToken calculates kP for the given BlindedToken P
func (*TokenServer) SignBlindedTokenBatch ¶
func (ts *TokenServer) SignBlindedTokenBatch(blindedTokens []BlindedToken, transcript *core.Transcript) (*SignedBatchWithProof, error)
SignBlindedTokenBatch signs a batch of blinded tokens under a given transcript
func (*TokenServer) SignBlindedTokenBatchWithConstraint ¶
func (ts *TokenServer) SignBlindedTokenBatchWithConstraint(blindedTokens []BlindedToken, constraintToken []byte, transcript *core.Transcript) (*SignedBatchWithProof, error)
SignBlindedTokenBatchWithConstraint signs a batch of blinded tokens under a given transcript given a constraint that the tokens must be signed by the same public key as an existing token
func (*TokenServer) SpendToken ¶
func (ts *TokenServer) SpendToken(token SpentToken, data []byte) error
SpendToken succeeds (returns a nil error) if the SpentToken is valid and has never been spent before; otherwise it returns an error.