Expand description
Implementation of a new style of bridge authority for Tor that allows users to invite other users, while protecting the social graph from the bridge authority itself.
We use CMZ14 credentials (GGM version, which is more efficient, but makes a stronger security assumption): “Algebraic MACs and Keyed-Verification Anonymous Credentials” (Chase, Meiklejohn, and Zaverucha, CCS 2014)
The notation follows that of the paper “Hyphae: Social Secret Sharing” (Lovecruft and de Valence, 2017), Section 4.
Modules§
- bridge_
table - The encrypted table of bridges.
- bridge_
verification_ info - cred
- The various credentials used by the system.
- dup_
filter - Filter duplicate shows of credentials and open invitations by id (which will typically be a Scalar).
- migration_
table - The migration table.
- proto
- The protocol modules.
Structs§
- CMZ_A
- CMZ_
A_ TABLE - CMZ_B
- CMZ_
B_ TABLE - Issuer
Priv Key - Private Key of the Issuer
- Issuer
PubKey
Constants§
- EXPIRY_
DATE - MAX_
DAILY_ BRIDGES - TODO: Decide on maximum daily number of invitations to be distributed
- OPENINV_
K - Number of times a given invitation is ditributed
- OPENINV_
LENGTH - An open invitation is a [u8; OPENINV_LENGTH] where the first 32 bytes are the serialization of a random Scalar (the invitation id), the next 4 bytes are a little-endian bucket number, and the last SIGNATURE_LENGTH bytes are the signature on the first 36 bytes.
Functions§
- pt_dbl
- Double a RistrettoPoint
- scalar_
dbl - Double a Scalar
- scalar_
u32 - Try to extract a u32 from a Scalar
- scalar_
u64 - Try to extract a u64 from a Scalar