npsi

package
v1.2.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 11, 2022 License: Apache-2.0 Imports: 11 Imported by: 0

README

npsi implementation

protocol

In the naive private set intersection (NPSI) [1], both parties agree on a non-cryptographic hash function, apply it to their inputs and then compare the resulting hashes. It is the most commonly used protocol due to its efficiency and ease for implementation, but it is insecure. The protocol has a major security flaw if the elements are taken from a small domain or a domain that does not have high entropy. In that case, P2 (the receiver) can recover all elements in the set of P1 (the sender) by running a brute force attack.

In the protocol, P2 samples a random 32 bytes salt K and sends it to P1. Both parties then use a non-cryptographic hash function (MetroHash) to hash their input identifiers seeded with K. P1 sends the hash values Hx to P2, who computes the intersection of both hashed identifiers.

data flow

Sender (P1)                                       Receiver (P2)
X                                                 Y

receive K        <------------------------------  generate K (32 bytes)

mh(K,X) -> H_X  ------------------------------>  intersect(H_X, mh(K,Y) -> H_Y))

mh(K,I): Metro hash of input I seeded with K

References

[1] B. Pinkas, T. Schneider, G. Segev, M. Zohner. Phasing: Private Set Intersection using Permutation-based Hashing. USENIX Security 2015. Full version available at http://eprint.iacr.org/2015/634.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func HashAll 

func HashAll(h hash.Hasher, identifiers <-chan []byte) <-chan hashPair

HashAll reads all identifiers from identifiers and hashes them until identifiers closes

func HashAllParallel 

func HashAllParallel(h hash.Hasher, identifiers <-chan []byte) <-chan hashPair

HashAllParallel reads all identifiers from identifiers and parallel hashes them until identifiers closes

func HashRead 

func HashRead(r io.Reader, u *uint64) (err error)

HashRead reads one hash

func HashWrite 

func HashWrite(w io.Writer, u uint64) error

HashWrite writes one hash out

func ReadAll 

func ReadAll(r io.Reader, n int64) <-chan uint64

ReadAll reads from r until io.EOF and writes into a channel. note that binary.Read will return EOF only if no bytes are read and if an EOF happens after reading some but not all the bytes, Read returns ErrUnexpectedEOF.

Types

type Receiver 

type Receiver struct {
	// contains filtered or unexported fields
}

Receiver represents the receiver side of the NPSI protocol

func NewReceiver 

func NewReceiver(rw io.ReadWriter) *Receiver

NewReceiver returns a receiver initialized to use rw as a buffered communication layer

func (*Receiver) Intersect 

func (r *Receiver) Intersect(ctx context.Context, n int64, identifiers <-chan []byte) ([][]byte, error)

Intersect intersects on matchables read from the identifiers channel, returning the matching intersection, using the NPSI protocol. The format of an indentifier is 

string

type Sender 

type Sender struct {
	// contains filtered or unexported fields
}

Sender represents sender side of the NPSI protocol

func NewSender 

func NewSender(rw io.ReadWriter) *Sender

NewSender returns a sender initialized to use rw as the communication layer

func (*Sender) Send 

func (s *Sender) Send(ctx context.Context, n int64, identifiers <-chan []byte) error

Send initiates a NPSI exchange that are read from identifiers, until identifiers closes. The format of an indentifier is string example: 

0e1f461bbefa6e07cc2ef06b9ee1ed25101e24d4345af266ed2f5a58bcd26c5e

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.