search

cloudflare / circl

CIRCL: Cloudflare Interoperable Reusable Cryptographic Library
http://blog.cloudflare.com/introducing-circl
Other
1.22k stars 136 forks source link

enhancement request: implement KDF (SDHI and/or Naor-Reingold) #423

Open udf2457 opened 1 year ago

udf2457 commented 1 year ago

By way of backround, this request is based on my reading about Meta Anonymous Credential Service which they recently open-sourced (unfortunately in C !) https://github.com/facebookresearch/acs.

Anyways ... TL;DR, the curious beast in me thought I might have a go at re-implementing it in Go so I can play around with it.

Obviously Go stdlib doesn't provide many of the necessary building crypto building blocks, but circl does:

But unfortunately .....

"attribute-based key derivation function" :x:

Meta say in their blog post:

We recommend Strong Diffie–Hellman Inversion (SDHI) or Naor-Reingold for better key transparency.

Hence this request :wink: ( espcially as my github searches seem to show nobody else has a Go implementation of either of those KDFs either)

Perhaps see also comments in the header files re: SDHI and Naor-Reingold: kdf/kdf_sdhi.h kdf/kdf_naor_reingold.h

armfazh commented 10 months ago

Implementing either algorithm can benefit from using CIRCL's group interface, as they only require conventional elliptic curve arithmetic.

We would like to hear other use cases. I leave this ticket open in case anyone wants to contribute with the implementation.

HamdaanAliQuatil commented 3 weeks ago

hey @armfazh 👋 If someone hasn't started already - can I take this up, please?

armfazh commented 3 weeks ago

One question here is whether these KDFs can be implemented using the CIRCL's public API, i.e., without including the KDFs as part of CIRCL. If so, then these can be implemented elsewhere using CIRCL as a dependency.

OTOH, if, for some reason, the KDFs need to play with the internals of CIRCL to make them work, then we may consider add support to these KDFs.

Let's figure out this first, open for comments.

HamdaanAliQuatil commented 2 weeks ago

Hey @armfazh it took me some time to get to a conclusion but I believe, both SDHI and Naor-Reingold KDF could be implemented using existing APIs.

Here's my implementation for SDHI, please let me know if you find anything wrong: https://gist.github.com/HamdaanAliQuatil/e186aa1a9a1b40e550303a58c47cb709

I'm not 100% certain about Naor-Reingold and am trying to implement it following this code: https://github.com/facebookresearch/acs/blob/main/lib/kdf/kdf_naor_reingold.c

Please let me know if you think otherwise.