Documentation
¶
Index ¶
- Constants
- func Encrypt(msg []byte, aux []byte, nonce *[NONCE_SIZE]byte, key *[BOX_KEY_SIZE]byte) []byte
- func GenerateP256Key() (*big.Int, *big.Int, *big.Int)
- func GenerateP256KeyWithBase(basex, basey *big.Int) (*big.Int, *big.Int, *big.Int)
- func LogEquivalence(exp, basex1, basey1, x1, y1, basex2, basey2, x2, y2 *big.Int) []byte
- func Nonce(round, row, index int) [NONCE_SIZE]byte
- func OnionEncrypt(msg []byte, auxs [][]byte, nonces [][]byte, keys [][]byte) []byte
- func Open(out, abox []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) ([]byte, bool)
- func P256DecryptionWorker(nonce *[NONCE_SIZE]byte, auxSize int, wg *sync.WaitGroup, ...)
- func P256KeyToBytes(x, y, priv *big.Int) ([]byte, []byte)
- func P256OnionEncrypt(msg []byte, auxs [][]byte, nonces [][]byte, keys [][]byte, nizk bool) ([]byte, []byte)
- func PoKLog(exp, x, y *big.Int) []byte
- func Seal(out, message []byte, nonce *[24]byte, peersPublicKey, privateKey *[32]byte) []byte
- func SecretOpen(out, box []byte, nonce *[24]byte, key *[32]byte) ([]byte, bool)
- func SecretSeal(out, message []byte, nonce *[24]byte, key *[32]byte) []byte
- func VerifyLogEquivalence(basex1, basey1, x1, y1, basex2, basey2, x2, y2 *big.Int, prf []byte) bool
- func VerifyPoKLog(x, y *big.Int, prf []byte) bool
- type AuxProcessor
- type DecryptionJob
- type DecryptionWorker
- type Mix
- type RoundConfiguration
- type Shuffler
Constants ¶
View Source
const BOX_KEY_SIZE = 32
View Source
const NONCE_SIZE = 24
View Source
const Overhead = sha256.Size
View Source
const POINT_SIZE = 64
View Source
const SHARED_KEY_SIZE = 32
View Source
const SymmetricKeySize = 16
Variables ¶
This section is empty.
Functions ¶
func Encrypt ¶
func Encrypt(msg []byte, aux []byte, nonce *[NONCE_SIZE]byte, key *[BOX_KEY_SIZE]byte) []byte
encrypt just one layer
func GenerateP256KeyWithBase ¶
func LogEquivalence ¶
func Nonce ¶
func Nonce(round, row, index int) [NONCE_SIZE]byte
func OnionEncrypt ¶
auxs is auxilary data to append to the ith layer of encryption. keys given should be in reverse encryption order (i.e., message traversal order). auxs and keys are reversed in place, so the caller should not reuse these arrays outside
func P256DecryptionWorker ¶
func P256DecryptionWorker(nonce *[NONCE_SIZE]byte, auxSize int, wg *sync.WaitGroup, jobs chan DecryptionJob)
func P256OnionEncrypt ¶
func SecretOpen ¶
SecretOpen opens the ciphertext generated using SecretSeal.
func SecretSeal ¶
SecretSeal performs AES-HMAC authenticated encryption with a symmetric key. TODO: We need to check that out does not overlap the message or the nonce.
func VerifyLogEquivalence ¶
Types ¶
type AuxProcessor ¶
aux processors take in old ciphertext, new ciphertext, length of auxilary data returns valid or not
type DecryptionJob ¶
type DecryptionJob struct {
PrivateKey *[BOX_KEY_SIZE]byte
Ciphertext []byte
AuxProcessor AuxProcessor
PrivateBlindKey []byte
Idx int
Result [][]byte
// for verifiable decryption
ProdWg *sync.WaitGroup
ProdJob chan []byte
}
type DecryptionWorker ¶
type DecryptionWorker = func(nonce *[NONCE_SIZE]byte, auxSize int, wg *sync.WaitGroup, jobs chan DecryptionJob)
type Mix ¶
type Mix interface {
// Creates a new round. This does *not* generate encryption key.
// Encryption keys are expected to be generated by outside routine,
// and set through SetRoundKey
NewRound(round int, config RoundConfiguration) error
EndRound(round int) error
// SetRoundKey sets the onion encryption key for the round.
SetRoundKey(round int, publicKey, privateKey []byte) error
// RoundKey returns the onion encryption key for the round.
RoundKey(round int) ([]byte, error)
// RoundConfiguration gets the config
RoundConfiguration(round int) (RoundConfiguration, error)
// SetAuxProcessor takes in a function that will be used to
// process the auxilary data each ciphertext.
// Takes ciphertext and aux length as input
// returns some result, and whether the processing is successful
SetAuxProcessor(round int, auxProcessor AuxProcessor) error
// AddMessage takes in some messages and decrypt.
AddMessages(round int, msgs [][]byte) error
// Mix returns shuffled messages.
Mix(round int) ([][]byte, error)
// Shuffler returns the shuffler that shuffled the messages
// can be used shuffle outside things that should match
// the permutation of the messages
Shuffler(round int) (*Shuffler, error)
//////// Verifiable mixnet related functions ////////
// AddCiphertexts saves ciphertext for later verification
// also verifies client nizks for discrete log
AddCiphertexts(round int, ciphertexts [][]byte, prfs [][]byte) error
// SetBlindKey sets the blinding key for the round.
SetBlindKey(round int, publicKeys [][]byte, privateKey []byte) error
// BlindKey returns the blind key
BlindKey(round int) ([]byte, error)
// StartRound is used to setup relevant values once the ciphertexts
// are submitted
StartRound(round int) error
// ProveMix returns the shuffled output,
// and the proof of shuffle.
ProveMix(round int) ([][]byte, []byte, error)
// VerifyProof checks that out is a shuffled version of in.
VerifyProof(round, index int, in [][]byte, proof []byte) error
// ConfirmVerification is used to let a server know the proof
// successfully verified.
ConfirmVerification(round int, success bool) error
}
Mix is a single server on a mixnet group
func NewMix ¶
func NewMix(dw DecryptionWorker) Mix
type RoundConfiguration ¶
type RoundConfiguration struct {
ClientVerifiable bool // whether client submission is verifiable submission or not
Verifiable bool // whether this is a verifiable mixnet or not
Row int // group id of this mixnet group within a layer
Layer int // used if there are multiple layers
Index int // index of this server in the mixnet group
First bool // whether this is the first server
Last bool // whether this is the last server
AuxSize int // auxilary input length
GroupSize int // size of the mix chain
}
type Shuffler ¶
type Shuffler struct {
// contains filtered or unexported fields
}
func NewShuffler ¶
generate a shuffler that randomly shuffles an array using rand as the source of randomness
Source Files
Click to show internal directories.
Click to hide internal directories.