opaque-lattice/src/protocol/mod.rs
Cole Leavitt c034eb5be8 feat(protocol): add AKE wrapper for protocol-level unlinkability
Combines NTRU-LWR-OPRF with Kyber key exchange to achieve:
- Correctness: Same password always produces same OPRF output
- Protocol-level unlinkability: Fresh ephemeral keys per session
- Post-quantum security: NTRU Prime (OPRF) + ML-KEM-768 (key exchange)

The OPRF itself is deterministic/linkable, but the encrypted channel
hides OPRF queries from the server, preventing session correlation.

Protocol flow:
1. Client/Server exchange Kyber ephemeral keys
2. Encrypted channel established
3. OPRF query/response sent over encrypted channel
4. Server sees different ciphertexts each session

Tests verify:
- Correctness: same password -> same output across sessions
- Unlinkability: encrypted requests differ between sessions
- Different passwords -> different outputs
2026-01-08 12:09:43 -07:00


//! Post-Quantum OPAQUE Protocol with Protocol-Level Unlinkability
//!
//! This module implements a complete OPAQUE-style protocol that achieves:
//! - **Correctness**: Same password always produces the same OPRF output
//! - **Protocol-level unlinkability**: Server cannot correlate login sessions
//! - **Post-quantum security**: Based on NTRU Prime (OPRF) + ML-KEM (key exchange)
//!
//! # Architecture
//!
//! ```text
//! ┌──────────────────────────────────────────────────────────────────┐
//! │  Client                                        Server            │
//! │    │                                             │               │
//! │    │──── Kyber ephemeral pubkey ────────────────>│               │
//! │    │<─── Kyber ephemeral pubkey + ciphertext ────│               │
//! │    │                                             │               │
//! │    │       [Encrypted channel established]       │               │
//! │    │                                             │               │
//! │    │──── Encrypted(BlindedInput) ───────────────>│  Server       │
//! │    │<─── Encrypted(ServerResponse) ──────────────│  cannot       │
//! │    │                                             │  correlate    │
//! │    │    [OPRF complete, session key derived]     │  queries      │
//! └──────────────────────────────────────────────────────────────────┘
//! ```
//!
//! The OPRF itself (NTRU-LWR) is deterministic/linkable, but the Kyber
//! ephemeral keys make sessions unlinkable at the protocol level.

mod session;

pub use session::{
    ClientHello, ClientSession, EncryptedOprfRequest, EncryptedOprfResponse, ProtocolError,
    ServerHello, ServerSession, SessionKey, client_finish_handshake, client_receive_oprf,
    client_send_oprf, client_start, server_handle_hello, server_handle_oprf,
};
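The module docs above argue that a deterministic, linkable OPRF becomes unlinkable at the protocol level once its query and response travel inside a channel keyed by fresh per-session ephemeral keys. The block below is an added, self-contained model of that argument and not code from opaque-lattice: FNV-1a hashing and an XOR keystream stand in for the NTRU-LWR OPRF, the ML-KEM-derived session key and the channel cipher, and `h`, `run_session` and `Transcript` are invented names.

```rust
// Added illustration, NOT the opaque-lattice crate's code: FNV-1a and an XOR keystream
// stand in for the NTRU-LWR OPRF, the ML-KEM key and the channel cipher. Not real crypto.
use std::sync::atomic::{AtomicU64, Ordering};

/// Non-cryptographic FNV-1a over tag || 0xff || a || 0xff || b.
fn h(tag: &[u8], a: &[u8], b: &[u8]) -> u64 {
    let mut acc: u64 = 0xcbf2_9ce4_8422_2325;
    for byte in tag.iter().chain(&[0xffu8]).chain(a).chain(&[0xffu8]).chain(b) {
        acc = (acc ^ u64::from(*byte)).wrapping_mul(0x0000_0100_0000_01b3);
    }
    acc
}

static SESSION_COUNTER: AtomicU64 = AtomicU64::new(1);

/// Stand-in for the ML-KEM ephemeral exchange: every session yields a fresh shared key.
fn fresh_session_key() -> u64 {
    let n = SESSION_COUNTER.fetch_add(1, Ordering::SeqCst);
    h(b"ephemeral", &n.to_le_bytes(), &[])
}

/// Deterministic OPRF stand-ins: the blinded input depends only on the password,
/// which is exactly the linkability the encrypted channel has to hide.
fn blind(password: &[u8]) -> u64 {
    h(b"blind", password, &[])
}
fn server_evaluate(server_key: u64, blinded: u64) -> u64 {
    h(b"eval", &server_key.to_le_bytes(), &blinded.to_le_bytes())
}

/// Channel stand-in: XOR with a keystream block bound to session key and counter
/// (XOR is its own inverse, so one function both seals and opens).
fn xor_channel(session_key: u64, counter: u64, block: u64) -> u64 {
    block ^ h(b"stream", &session_key.to_le_bytes(), &counter.to_le_bytes())
}

pub struct Transcript {
    pub plaintext_request: u64, // identical across sessions: the OPRF is linkable
    pub encrypted_request: u64, // what the server observes: fresh per session
    pub oprf_output: u64,       // what the client derives: same for the same password
}

/// One login: KEM-style key agreement, then OPRF query/response over the channel.
pub fn run_session(server_key: u64, password: &[u8]) -> Transcript {
    let key = fresh_session_key(); // both sides hold this after the handshake
    let plaintext_request = blind(password);
    let encrypted_request = xor_channel(key, 0, plaintext_request);
    let blinded_at_server = xor_channel(key, 0, encrypted_request);
    let encrypted_response = xor_channel(key, 1, server_evaluate(server_key, blinded_at_server));
    let oprf_output = xor_channel(key, 1, encrypted_response);
    Transcript { plaintext_request, encrypted_request, oprf_output }
}
```

Running two sessions with the same password reproduces the three properties the commit's tests check: equal OPRF outputs, equal plaintext requests (the linkable part) but different ciphertexts on the wire, and a different output for a different password.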