sskg

package module

v0.0.0-...-c5c64c8 Latest Latest Go to latest Published: Nov 7, 2014 License: MIT Imports: 3 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/codahale/sskg

Links

Open Source Insights

README ¶

sskg

A Go implementation of a fast, tree-based Seekable Sequential Key Generator.

For documentation, check godoc.

Documentation ¶

Overview ¶

Package sskg provides a Go implementation of Seekable Sequential Key Generators (SSKGs). Specifically, this package provides an HKDF-based implementation of a binary tree-based SSKG as described by Marson and Poettering (https://eprint.iacr.org/2014/479.pdf) which features fast key advancing (~6μs) and low memory usage (O(log N)).

An example of SSKG usage is cryptographically protected local logs. In this scenario, logs on a computer are secured via MACs. If the MAC key is constant, an attacker can extract the key and forge or modify log entries in the past.

The traditional solution to this is to use a foward-secure solution like a hash chain, but this presents a large computational expense to auditors: in order to verify the MAC using the Nth key, the auditor must calculate N-1 hashes, which may be cumbersome. An SSKG, in contrast, allows quickly seeking forward to arbitrary points of time (specifically, Marson and Poettering's tree-based SSKG can perform O(log N) seeks).

Index ¶

type Seq
- func New(alg func() hash.Hash, seed []byte, maxKeys uint) Seq

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Seq ¶

type Seq struct {
	// contains filtered or unexported fields
}

A Seq is a sequence of forward-secure keys.

func New ¶

func New(alg func() hash.Hash, seed []byte, maxKeys uint) Seq

New creates a new Seq with the given hash algorithm, seed, and maximum number of keys.

func (Seq) Key ¶

func (s Seq) Key(size int) []byte

Key returns the Seq's current key of the given size.

func (*Seq) Next ¶

func (s *Seq) Next()

Next advances the Seq's current key to the next in the sequence.

(In the literature, this function is called Evolve.)

func (*Seq) Seek ¶

func (s *Seq) Seek(n int)

Seek moves the Seq to the N-th key without having to calculate all of the intermediary keys. It is equivalent to, but faster than, N invocations of Next().

Source Files ¶

View all Source files

sskg.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL