Commit Graph

1 Commits

Author SHA1 Message Date
c034eb5be8 feat(protocol): add AKE wrapper for protocol-level unlinkability
Combines NTRU-LWR-OPRF with Kyber key exchange to achieve:
- Correctness: Same password always produces same OPRF output
- Protocol-level unlinkability: Fresh ephemeral keys per session
- Post-quantum security: NTRU Prime (OPRF) + ML-KEM-768 (key exchange)

The OPRF itself is deterministic/linkable, but the encrypted channel
hides OPRF queries from the server, preventing session correlation.

Protocol flow:
1. Client/Server exchange Kyber ephemeral keys
2. Encrypted channel established
3. OPRF query/response sent over encrypted channel
4. Server sees different ciphertexts each session

Tests verify:
- Correctness: same password -> same output across sessions
- Unlinkability: encrypted requests differ between sessions
- Different passwords -> different outputs
2026-01-08 12:09:43 -07:00
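
The wire-level property that the commit's unlinkability test describes, as an added example that is not code from this repository: a deterministic request sealed under a fresh per-session key gives different ciphertexts each session, while whoever holds the session key recovers identical request bytes. Assumptions: `oprf_request` is a hash stand-in for the NTRU-LWR-OPRF query, `new_session_key` is a random stand-in for the ML-KEM-768 shared secret, and `seal`/`open_sealed` are a toy SHAKE-256 plus HMAC construction, not the project's channel encryption.

```python
import hashlib
import hmac
import secrets


def oprf_request(password: bytes) -> bytes:
    # Hypothetical stand-in for the deterministic OPRF query: same password, same bytes.
    return hashlib.sha3_256(b"oprf-request-standin|" + password).digest()


def new_session_key() -> bytes:
    # Hypothetical stand-in for the shared secret of a fresh ephemeral KEM exchange.
    return secrets.token_bytes(32)


def _subkeys(key: bytes):
    # Separate encryption and MAC keys derived from the session key.
    return (hashlib.sha256(b"enc|" + key).digest(),
            hashlib.sha256(b"mac|" + key).digest())


def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    stream = hashlib.shake_256(enc_key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def seal(key: bytes, plaintext: bytes) -> bytes:
    # Toy encrypt-then-MAC for illustration only: nonce || body || tag.
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    body = _xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key)
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(enc_key, nonce, body)


def run_sessions(password: bytes, count: int = 2):
    # Each session: fresh key, same deterministic request, sealed for the wire.
    results = []
    for _ in range(count):
        key = new_session_key()
        wire = seal(key, oprf_request(password))
        results.append((wire, open_sealed(key, wire)))
    return results  # list of (bytes on the wire, bytes after decryption)
```

The ciphertext difference is what a party without the session key observes; the decrypted values are what the channel endpoint holding the key works with.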