Documentation
Overview
Package acd implements the double ratchet protocol specified by Joël Alwen, Sandro Coretti and Yevgeniy Dodis in their paper The Double Ratchet: Security Notions, Proofs, and Modularization for the Signal Protocol (https://eprint.iacr.org/2018/1037.pdf). The scheme relies on novel cryptographic primitives like a forward-secure authenticated encryption scheme with associated data (FS-AEAD), a continuous key-agreement protocol (CKA) and a PRF-PRNG construction.
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type DoubleRatchet
type DoubleRatchet struct {
// contains filtered or unexported fields
}
DoubleRatchet designates the secure channel protocol defined by an FS-AEAD scheme, a CKA construction and a PRF-PRNG algorithm.
func NewDoubleRatchet
func NewDoubleRatchet(aead encryption.Authenticated, pke encryption.Asymmetric, dss signature.Signature) *DoubleRatchet
NewDoubleRatchet returns a fresh double ratchet instance for the given AEAD scheme (aead), asymmetric encryption scheme (pke) and signature scheme (dss).
func (DoubleRatchet) Init
func (d DoubleRatchet) Init() (alice, bob *User, err error)
Init initializes the double ratchet protocol and returns two user states.
type User
type User struct {
	Gamma []byte         // Gamma is CKA state.
	T     []byte         // T is the current CKA message.
	I     int            // I is the current user epoch.
	Root  []byte         // Root is the current PRF-PRNG key.
	V     map[int][]byte // V contains all FS-AEAD (send, receive) states.
	// contains filtered or unexported fields
}
User designates a participant in the protocol that can both send and receive messages. It has to be passed as an argument to both the send and receive routines.
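The overview names FS-AEAD as a building block, and User.V holds its states, but the page does not show what such a state does. As an added example (not code from package acd or from the paper), here is a receive-side key schedule that a forward-secure AEAD can be built on: a key chain that hands out one key per message index, keeps the keys of skipped indexes so late messages still decrypt, and erases each key once it has been used. The names chain, prf, Key, Erase and maxSkip, and the HMAC-SHA256 instantiation, are assumptions of this example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"fmt"
)

const maxSkip = 64 // assumed cap on stored message keys
// chain is the receive-side key schedule of a toy FS-AEAD (hypothetical type).
type chain struct {
	w    []byte         // chain key, replaced on every step
	i    int            // index of the newest derived key
	keys map[int][]byte // derived but not yet used message keys
}

// prf is HMAC-SHA256, this example's stand-in for a PRG splitting w into (K, w').
func prf(w []byte, label byte) []byte {
	m := hmac.New(sha256.New, w)
	m.Write([]byte{label})
	return m.Sum(nil)
}

// Key returns the key for message i, ratcheting forward and keeping skipped keys.
func (c *chain) Key(i int) ([]byte, error) {
	if len(c.keys)+i-c.i > maxSkip { // reject before touching any state
		return nil, fmt.Errorf("index %d needs more than %d stored keys", i, maxSkip)
	}
	for c.i < i {
		c.i++
		c.keys[c.i], c.w = prf(c.w, 1), prf(c.w, 2) // chain key replaced
	}
	k, ok := c.keys[i]
	if !ok {
		return nil, fmt.Errorf("key %d already used and erased", i)
	}
	return k, nil
}

// Erase drops key i; call it only after the ciphertext under that key verified.
func (c *chain) Erase(i int) { delete(c.keys, i) }

func main() {
	rx := &chain{w: make([]byte, 32), keys: map[int][]byte{}} // constructed all-zero seed
	k, _ := rx.Key(3)                                         // message 3 arrives first
	rx.Erase(3)
	_, err := rx.Key(3)
	fmt.Printf("key3=%x stored=%d replay=%v\n", k[:4], len(rx.keys), err)
}
```

Keeping Erase separate from Key means a forged ciphertext with a valid index cannot burn the key of the genuine message. The maxSkip check bounds how many keys a peer can force the receiver to store.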