Expand description
This module defines the combined functionality for producing a puncturable partially oblivious pseudorandom function (PPOPRF) protocol. The protocol combines the PPOPRF of Tyagi et al. with the classic GGM puncturable PRF.
The result is a POPRF that can provide forward-security guarantees
related to the pseudorandomness of client-side outputs, by allowing
the puncturing of metadata tags from the server secret key. Such
guarantees hold when clients reveal POPRF outputs for a metadata tag
t, after t has been punctured from the secret key. This
functionality is used to provide forward-secure randomness to
clients in the STAR protocol.
Modules
- This module implements the Goldwasser-Goldreich-Micali PRF, along with extended functionality that allows puncturing inputs from secret keys.
- This module defines the
ClientandServerfunctionality for a puncturable partially oblivious pseudorandom function (PPOPRF).