| rfc9497v6.txt | rfc9497.txt | |||
|---|---|---|---|---|
| Internet Research Task Force (IRTF) A. Davidson | Internet Research Task Force (IRTF) A. Davidson | |||
| Request for Comments: 9497 Brave Software | Request for Comments: 9497 Brave Software | |||
| Category: Informational A. Faz-Hernandez | Category: Informational A. Faz-Hernandez | |||
| ISSN: 2070-1721 N. Sullivan | ISSN: 2070-1721 N. Sullivan | |||
| C. A. Wood | C. A. Wood | |||
| Cloudflare, Inc. | Cloudflare, Inc. | |||
| October 2023 | November 2023 | |||
| Oblivious Pseudorandom Functions (OPRFs) Using Prime-Order Groups | Oblivious Pseudorandom Functions (OPRFs) Using Prime-Order Groups | |||
| Abstract | Abstract | |||
| An Oblivious Pseudorandom Function (OPRF) is a two-party protocol | An Oblivious Pseudorandom Function (OPRF) is a two-party protocol | |||
| between a client and a server for computing the output of a | between a client and a server for computing the output of a | |||
| Pseudorandom Function (PRF). The server provides the PRF private | Pseudorandom Function (PRF). The server provides the PRF private | |||
| key, and the client provides the PRF input. At the end of the | key, and the client provides the PRF input. At the end of the | |||
| protocol, the client learns the PRF output without learning anything | protocol, the client learns the PRF output without learning anything | |||
| skipping to change at line 729 ¶ | skipping to change at line 729 ¶ | |||
| contextString = CreateContextString(modePOPRF, identifier) | contextString = CreateContextString(modePOPRF, identifier) | |||
| return POPRFServerContext(contextString, skS) | return POPRFServerContext(contextString, skS) | |||
| def SetupPOPRFClient(identifier, pkS): | def SetupPOPRFClient(identifier, pkS): | |||
| contextString = CreateContextString(modePOPRF, identifier) | contextString = CreateContextString(modePOPRF, identifier) | |||
| return POPRFClientContext(contextString, pkS) | return POPRFClientContext(contextString, pkS) | |||
| 3.2.1. Deterministic Key Generation | 3.2.1. Deterministic Key Generation | |||
| This section describes a deterministic key generation function, | This section describes a deterministic key generation function, | |||
| DeriveKeyPair. It accepts a seed of Ns bytes generated from a | DeriveKeyPair. It accepts a seed of 32 bytes generated from a | |||
| cryptographically secure random number generator and an optional | cryptographically secure random number generator and an optional | |||
| (possibly empty) info string. The constant Ns corresponds to the | (possibly empty) info string. Note that, by design, knowledge of | |||
| size in bytes of a serialized Scalar and is defined in Section 2.1. | seed and info is necessary to compute this function, which means that | |||
| Note that, by design, knowledge of seed and info is necessary to | the secrecy of the output private key (skS) depends on the secrecy of | |||
| compute this function, which means that the secrecy of the output | seed (since the info string is public). | |||
| private key (skS) depends on the secrecy of seed (since the info | ||||
| string is public). | ||||
| Input: | Input: | |||
| opaque seed[Ns] | opaque seed[32] | |||
| PublicInput info | PublicInput info | |||
| Output: | Output: | |||
| Scalar skS | Scalar skS | |||
| Element pkS | Element pkS | |||
| Parameters: | Parameters: | |||
| Group G | Group G | |||
| skipping to change at line 2894 ¶ | skipping to change at line 2892 ¶ | |||
| Authors' Addresses | Authors' Addresses | |||
| Alex Davidson | Alex Davidson | |||
| Brave Software | Brave Software | |||
| Email: alex.davidson92@gmail.com | Email: alex.davidson92@gmail.com | |||
| Armando Faz-Hernandez | Armando Faz-Hernandez | |||
| Cloudflare, Inc. | Cloudflare, Inc. | |||
| 101 Townsend St | 101 Townsend St | |||
| San Francisco, | San Francisco, CA | |||
| United States of America | United States of America | |||
| Email: armfazh@cloudflare.com | Email: armfazh@cloudflare.com | |||
| Nick Sullivan | Nick Sullivan | |||
| Cloudflare, Inc. | Cloudflare, Inc. | |||
| 101 Townsend St | 101 Townsend St | |||
| San Francisco, | San Francisco, CA | |||
| United States of America | United States of America | |||
| Email: nick@cloudflare.com | Email: nicholas.sullivan+ietf@gmail.com | |||
| Christopher A. Wood | Christopher A. Wood | |||
| Cloudflare, Inc. | Cloudflare, Inc. | |||
| 101 Townsend St | 101 Townsend St | |||
| San Francisco, | San Francisco, CA | |||
| United States of America | United States of America | |||
| Email: caw@heapingbits.net | Email: caw@heapingbits.net | |||
| End of changes. 8 change blocks. | ||||
| 13 lines changed or deleted | 11 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||