[Identity] Implement some generic OPAQUE types

Authored by varun on Apr 15 2022, 11:46 AM.

Depends on D3578

Implementation of the CipherSuite trait, which configures the underlying primitives for OPAQUE.

  • Group: a finite cyclic group along with a point representation, along with an extension trait PasswordToCurve that allows some customization on how to hash a password to a curve point
  • KeyExchange: The key exchange protocol to use in the login step
  • Hash: The main hashing function to use
  • SlowHash: A slow hashing function, typically used for password hashing

Test Plan

cargo build

This will get tested more in subsequent diffs that use the CipherSuite.

Diff Detail

rCOMM Comm
varun/identity_service (branched from master)
No Lint Coverage
No Test Coverage

Event Timeline

ashoat added a reviewer: anunay.
ashoat added 1 blocking reviewer(s): jim.
Apr 18 2022, 8:23 PM
ashoat added a subscriber: anunay.

Adding @anunayk and making @jimpo since it appears like there are some cryptography decisions to be made here

This revision is now accepted and ready to land.
Apr 19 2022, 2:55 AM

Expose OPAQUE's CipherSuite as a library instead of a module, so that it can be reused in another executable to generate a keypair for the server.

varun requested review of this revision.
Apr 28 2022, 7:45 AM

Requesting review again since I changed the file structure after this diff was accepted

Revert file structure change

This revision is now accepted and ready to land.
May 2 2022, 11:16 AM