From 3ccd3087cf4fd22b945e5a077d94fdaab71b8a7a Mon Sep 17 00:00:00 2001
From: Ian Goldberg
Date: Wed, 28 Apr 2021 13:35:19 -0400
Subject: [PATCH] Start defining the credentials used by the system
---
crates/lox-library/src/cred.rs | 40 ++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
create mode 100644 crates/lox-library/src/cred.rs
diff --git a/crates/lox-library/src/cred.rs b/crates/lox-library/src/cred.rs
new file mode 100644
index 0000000..97eb09d
--- /dev/null
+++ b/crates/lox-library/src/cred.rs
@@ -0,0 +1,40 @@
+/*! The various credentials used by the system. In each case, (P,Q)
+ * forms the MAC on the credential. This MAC is verifiable only by the
+ * issuing party, or if the issuing party issues a zero-knowledge proof
+ * of its correctness (as it does at issuing time). */
+
+use curve25519_dalek::ristretto::RistrettoPoint;
+use curve25519_dalek::scalar::Scalar;
+
+/// A migration credential. This credential authorizes the holder of
+/// the Lox credential with the given id to switch from bucket
+/// from_bucket to bucket to_bucket.
+pub struct Migration {
+ pub P: RistrettoPoint,
+ pub Q: RistrettoPoint,
+ pub lox_id: Scalar,
+ pub from_bucket: Scalar,
+ pub to_bucket: Scalar,
+}
+
+/// The main user credential in the Lox system. Its id is jointly
+/// generated by the user and the BA (bridge authority), but known only
+/// to the user. The level_since date is the Julian date of when this
+/// user was changed to the current trust level. (P_noopmigration,
+/// Q_noopmigration) are the MAC on the implicit no-op migration
+/// credential formed by the attributes (id, bucket, bucket), which
+/// authorizes the user to switch from its current bucket to the same
+/// bucket (i.e., a no-op). This can be useful for hiding from the BA
+/// whether or not the user is performing a bucket migration.
+pub struct Lox {
+ pub P: RistrettoPoint,
+ pub Q: RistrettoPoint,
+ pub id: Scalar,
+ pub bucket: Scalar,
+ pub trust_level: Scalar,
+ pub level_since: Scalar,
+ pub invites_remaining: Scalar,
+ pub invites_issued: Scalar,
+ pub P_noopmigration: RistrettoPoint,
+ pub Q_noopmigration: RistrettoPoint,
+}
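Review bot: `Lox::id` is described in the struct doc as known only to the user, yet in `pub struct Lox` it is an ordinary `pub` field with nothing at the field itself marking it as secret, so a later `#[derive(Debug)]` or serialization impl could expose it without any warning at the definition. I would add a field comment such as `/// Secret: known only to the user; must not be logged or sent in the clear.` on `id`, and the same on `Migration::lox_id`, which presumably carries the same value. Separately, the fields `P`, `Q`, `P_noopmigration` and `Q_noopmigration` will trip rustc's `non_snake_case` lint; if the names are kept to match the protocol notation, put `#[allow(non_snake_case)]` on each struct with a one-line comment saying so.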