Skip to main content

DecryptionRatchet

p2panda_encryption::message_scheme::ratchet

Struct DecryptionRatchet 

Source 
pub struct DecryptionRatchet;
Expand description

Message ratchet for decryption with support for handling lost or out-of-order messages.

§Out-of-order handling

Out-of-order messages cause the ratchet to “jump” ahead and keep “unused” keys persisted until they’re used eventually.

In this example our chain has a length of 2 at the moment a message for generation 4 arrives out of order (we’ve expected generation 2). Now we pre-generate the keys for the “jumped” messages (generation 2 and 3) and keep them persisted for later. We decrypt the new message for generation 4 with the regular, now “latest”, chain state.

0
1 <- Current chain "head"
2
3
4 <- New chain "head" after receiving message @ generation 4

§Tolerance limits

Developers can and should set bounds to how much a decryption ratchet can tolerate messages arriving out of order, that is, into the “future” and into the “past”. Setting these “window” limits has implications for the forward secrecy of an application as unused keys stay around for a while. A setting should be picked wisely based on the network’s reliability to deliver and order messages and security requirements.

Implementations§

Source§

impl DecryptionRatchet

Source

pub fn init(secret: Secret<MESSAGE_KEY_SIZE>) -> DecryptionRatchetState

Source

pub fn secret_for_decryption( y: DecryptionRatchetState, generation: Generation, maximum_forward_distance: u32, ooo_tolerance: u32, ) -> Result<(DecryptionRatchetState, RatchetKeyMaterial), RatchetError>

Returns a secret from the ratchet for decryption. Throws an error if requested secret is out of bounds.

§Limits Configuration
  • Out-of-order (ooo) tolerance: This parameter defines a window for which decryption secrets are kept. This is useful in case the ratchet cannot guarantee that all application messages have total order within an epoch. Use this carefully, since keeping decryption secrets affects forward secrecy within an epoch.
  • Maximum forward distance: This parameter defines how many incoming messages can be skipped. This is useful if the application drops messages.

Trait Implementations§

Source§

impl Debug for DecryptionRatchet

Source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

Source§

fn vzip(self) -> V