Module message

Expand description

SD-APKE: SecureDrop authenticated public-key encryption.

Spec pseudocode:

def KGen():
    (sk1, pk1) = AKEM.KGen()
    (sk2, pk2) = KEM_PQ.KGen()
    sk = (sk1, sk2)
    pk = (pk1, pk2)
    return (sk, pk)

def AuthEnc(sk=(skS1, skS2), pk=(pkR1, pkR2), m, ad, info):
    (c2, K2) = KEM_PQ.Encap(pkR=pkR2)
    (c1, cp) = pskAEnc(skS=skS1, pkR=pkR1, psk=K2, m=m, ad=ad, info=c2+info)
    return ((c1, cp), c2)

def AuthDec(sk=(skR1, skR2), pk=(pkS1, pkS2), c1, cp, c2, ad, info):
    K2 = KEM_PQ.Decap(skR=skR2, enc=c2)
    m = pskADec(pkS=pkS1, skR=skR1, psk=K2, c1=c1, cp=cp, ad=ad, info=c2+info)
    return m

Structs§

MessageCiphertext: SD-APKE ciphertext ((c1, cp), c2).
MessageKeyPair: A (MessagePrivateKey, MessagePublicKey) SD-APKE keypair.
MessagePrivateKey: The SD-APKE private key tuple sk^APKE = (sk1, sk2).
MessagePublicKey: The SD-APKE public key tuple pk^APKE = (pk1, pk2).

Functions§

auth_dec: SD-APKE.AuthDec: decrypt ciphertext from sender.
auth_enc: SD-APKE.AuthEnc: encrypt message m from sender to recipient.
keygen: SD-APKE.KGen: generate a MessageKeyPair.

Module message

Module message Copy item path

Structs§

Functions§

Module message