Documentation ¶
Overview ¶
Package sskg provides a Go implementation of Seekable Sequential Key Generators (SSKGs). Specifically, this package provides an HKDF-based implementation of a binary tree-based SSKG as described by Marson and Poettering (https://eprint.iacr.org/2014/479.pdf) which features fast key advancing (~6μs) and low memory usage (O(log N)).
An example of SSKG usage is cryptographically protected local logs. In this scenario, logs on a computer are secured via MACs. If the MAC key is constant, an attacker can extract the key and forge or modify log entries in the past.
The traditional solution to this is to use a foward-secure solution like a hash chain, but this presents a large computational expense to auditors: in order to verify the MAC using the Nth key, the auditor must calculate N-1 hashes, which may be cumbersome. An SSKG, in contrast, allows quickly seeking forward to arbitrary points of time (specifically, Marson and Poettering's tree-based SSKG can perform O(log N) seeks).
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Seq ¶
type Seq struct {
// contains filtered or unexported fields
}
A Seq is a sequence of forward-secure keys.