commitments

Documentation

Overview

Package commitments implements a cryptographic commitment.

Commitment scheme is as follows: T = HMAC(fixedKey, "Key Transparency Commitment" || 16 byte nonce || message) message is defined as: len(userID) || userID || data

Index

• Variables
• func Commit(userID string, data, nonce []byte) []byte
• func GenCommitmentKey() ([]byte, error)
• func Verify(userID string, commitment, data, nonce []byte) error

Variables

var (

	// ErrInvalidCommitment occurs when the commitment doesn't match the profile.
	ErrInvalidCommitment = errors.New("invalid commitment")
)

Functions

func Commit

func Commit(userID string, data, nonce []byte) []byte

Commit makes a cryptographic commitment under a specific userID to data.

func GenCommitmentKey

func GenCommitmentKey() ([]byte, error)

GenCommitmentKey generates a commitment key for use in Commit. This key must be kept secret in order to prevent an adversary from learning what data has been committed to by a commitment. To unseal and verify a commitment, provide this key, along with the data under commitment to the client.

In Key Transparency, the user generates this key, creates a commitment, and signs it. The user uploads the signed commitment along with this key and the associated data to the server in order for the server to reveal the associated data to senders. This commitment scheme keeps the associated data from leeking to anyone that has not explicitly requested it from the server.

func Verify

func Verify(userID string, commitment, data, nonce []byte) error

Verify customizes a commitment with a userID.