cmix

package

v0.0.9 Latest Latest Go to latest Published: Dec 6, 2023 License: BSD-2-Clause Imports: 11 Imported by: 9

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

gitlab.com/elixxir/crypto

Links

Open Source Insights

Documentation ¶

Overview ¶

Any extensions or modifications to the core messaging functionality should be done here, except for conversion of the encrypted message types to the comms messages used for transmitting data.

Package cmix derives new keys within the cyclic group from salts and a symmetric key, locked to a monotonic roundID counter. It also is used for managing keys and salts for communication between clients

Package cmix derives new keys within the cyclic group from salts and a base key. It also is used for managing keys and salts for communication between clients

Index ¶

func ClientEncrypt(grp *cyclic.Group, msg format.Message, salt []byte, ...) format.Message
func ClientKeyGen(grp *cyclic.Group, salt []byte, roundID id.Round, symmetricKeys []*cyclic.Int) *cyclic.Int
func GenerateClientGatewayKey(baseKey *cyclic.Int) []byte
func GenerateKMAC(salt []byte, symmetricKey *cyclic.Int, roundID id.Round, h hash.Hash) []byte
func GenerateKMACs(salt []byte, symmetricKeys []*cyclic.Int, roundID id.Round, h hash.Hash) [][]byte
func NewSalt(csprng csprng.Source, size int) []byte
func NodeKeyGen(grp *cyclic.Group, salt []byte, roundID id.Round, ...)
func SelectGroupBit(payload, prime []byte, rng csprng.Source) bool
func SetGroupBits(msg format.Message, grp *cyclic.Group, rng csprng.Source)
func VerifyKMAC(expectedKmac, salt []byte, symmetricKey *cyclic.Int, roundID id.Round, ...) bool

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ClientEncrypt ¶

func ClientEncrypt(grp *cyclic.Group, msg format.Message,
	salt []byte, symmetricKeys []*cyclic.Int, roundID id.Round) format.Message

ClientEncrypt encrypts the message for the client by multiplying the inverted encryption key by the message payload

func ClientKeyGen ¶

func ClientKeyGen(grp *cyclic.Group, salt []byte, roundID id.Round,
	symmetricKeys []*cyclic.Int) *cyclic.Int

ClientKeyGen generate encryption key for clients.

func GenerateClientGatewayKey ¶

func GenerateClientGatewayKey(baseKey *cyclic.Int) []byte

GenerateClientGatewayKey hashes the symmetric key between client and the node

func GenerateKMAC ¶

func GenerateKMAC(salt []byte, symmetricKey *cyclic.Int, roundID id.Round,
	h hash.Hash) []byte

GenerateKMAC hashes the salt and base key together using the passed in hashing algorithm to produce a kmac

func GenerateKMACs ¶

func GenerateKMACs(salt []byte, symmetricKeys []*cyclic.Int, roundID id.Round,
	h hash.Hash) [][]byte

GenerateKMACs creates a list of KMACs all with the same salt but different base keys

func NewSalt ¶

func NewSalt(csprng csprng.Source, size int) []byte

NewSalt creates a byte slice of `size` using the provided output from the given cryptographically secure pseudo-random number generator

func NodeKeyGen ¶

func NodeKeyGen(grp *cyclic.Group, salt []byte, roundID id.Round, symmetricKey, output *cyclic.Int)

NodeKeyGen generates encryption key for nodes.

func SelectGroupBit ¶

func SelectGroupBit(payload, prime []byte, rng csprng.Source) bool

selectGroupBit selects what the "group bit" (the highest order bit in the payload) should be it will randomly choose 1 or 0 in the event that choosing 1 will keep the payload in the group, otherwise it will default to 0. true - set the bit to 1 false - set the bit to 0

func SetGroupBits ¶

func SetGroupBits(msg format.Message, grp *cyclic.Group, rng csprng.Source)

SetGroupBits takes a message and a cyclic group and randomly sets the highest order bit in its 2 sub payloads, defaulting to 0 if 1 would put the sub-payload outside of the cyclic group.

WARNING: the behavior above results in 0 vs 1 biasing. in general, groups used have many (100+) leading 1s, which as a result would cause a bias of ~ 1:(1-2^-numLeadingBits). with a high number of leading bits, this is a non issue, but if a prime is chosen with few or no leading bits, this will cease to solve the tagging attack it is meant to fix

Tagging attack: if the dumb solution of leaving the first bits as 0 is chosen, it is possible for an attacker to 75% of the time (when one or both leading bits flip to 1) identity a message they made multiplied garbage into for a tagging attack. This fix makes the leading its random in order to thwart that attack

func VerifyKMAC ¶

func VerifyKMAC(expectedKmac, salt []byte, symmetricKey *cyclic.Int,
	roundID id.Round, h hash.Hash) bool

VerifyKMAC verifies that the generated GenerateKMAC is the same as the passed in GenerateKMAC

Types ¶

This section is empty.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL