[−]Module themis::secure_comparator
Secure Comparator protocol.
Secure Comparator is an interactive protocol for two parties that compares whether they share the same secret or not. It is built around a Zero Knowledge Proof-based protocol (Socialist Millionaire’s Protocol), with a number of security enhancements.
Secure Comparator is transport-agnostic and only requires the user(s) to pass messages in a certain sequence. The protocol itself is ingrained into the functions and requires minimal integration efforts from the developer.
Examples
Secure Comparator has two parties — called the client and the server — the only difference between them is that the client is the one who initiates the comparison.
Before initiating the protocol both parties should append their secrets to be compared. This can be done incrementally so even multi-gigabyte data sets can be compared with ease.
use themis::secure_comparator::SecureComparator; let mut comparison = SecureComparator::new(); comparison.append_secret(b"999-04-1234")?;
After that the client initiates the comparison and runs a loop like this:
let mut request = comparison.begin_compare()?; while !comparison.is_complete() { send(&request); // This function should send the `request` to the server. let reply = receive(); // This function should receive a `reply` from the server. request = comparison.proceed_compare(&reply)?; } if !comparison.result()? { unimplemented!("handle failed comparison here"); }
While the server does almost the same:
while !comparison.is_complete() { // This function should receive a `request` from the client. let request = receive(); let reply = comparison.proceed_compare(&request)?; send(&reply); // This function should send the `reply` to the client. } if !comparison.result()? { unimplemented!("handle failed comparison here"); }
Both the server and the client use result to get the comparison result
after it is_complete:
Structs
| SecureComparator | Secure Comparison context. |