proxy.golang.org : github.com/ericlagergren/dr
Package dr implements the Double Ratchet scheme. What follows is a high-level overview of the Double Ratchet scheme, mostly paraphrased from the whitepaper [signal]. The Double Ratchet Algorithm is comprised of two "ratchets" over three KDF chains. A ratchet is a construction where each step forward is constructed with a one-way function, making it impossible to recover previous keys (forward secrecy). KDF chains are the core construction of the Double Ratchet Algorithm. A KDF chain is a construction where part of the output of the KDF is used to key the next invocation of the KDF, and the rest is used for some other purpose (like message encryption). This construction has some desirable properties, including forward security and resilience against attackers that can manipulate the KDF inputs. In a Double Ratchet session both parties have three chains: Each party's sending chain will match the other's receiving chain and vice versa. The root chain is the same for both parties. Both parties have their own ephemeral ratchet key pair. Each time a message is sent the sender generates a new key pair and attaches the new public key to the message. The sender then uses the shared Diffie-Hellman value as input to the sending chain, advancing it one step. Likewise, when the recipient receives the message (and is informed of the sender's new public key), the recipient uses the shared Diffie-Hellman value as input to the receiving chain, advancing it one step and keeping it in sync with the other party's sending chain. In other words, when Alice sends Bob a message she creates a new Diffie-Hellman key pair and uses her private key and Bob's public key to compute the shared Diffie-Hellman value. When Bob receives the message, he uses Alice's new public key and his private key to also compute the shared Diffie-Hellman value. As each message is sent and received the sending and receiving chains are advanced. The output of advancing each chain is used as a message key to encrypt each individual message. This package does not implement encrypted headers. More information can be found in the following links.
Registry
-
Source
- Documentation
- JSON
purl: pkg:golang/github.com/ericlagergren/dr
Keywords:
double-ratchet-algorithm
License: BSD-3-Clause
Latest release: over 3 years ago
First release: over 3 years ago
Namespace: github.com/ericlagergren
Stars: 1 on GitHub
Forks: 0 on GitHub
See more repository details: repos.ecosyste.ms
Last synced: 19 days ago