npm install oprf
The sumo version of libsodium must be used
await _sodium.ready;
const oprf = new OPRF(_sodium);
A client has input x while a server holds key k. The client receives the output of fk(x) for some pseudorandom function family fk. The server learns nothing.
Contains a masked point and the mask that was applied to it
export interface IMaskedData {
readonly point: number[];
readonly mask: BN;
}
hashToPoint: maps string input to a point on the elliptic curve
public hashToPoint(input: string): number[]
maskInput: hashes string input as a point on an elliptic curve and applies a random mask to it
public maskInput(input: string): maskedData
generateRandomScalar: generates a random 32-byte array of numbers
public generateRandomScalar(): BN
isValidPoint: returns whether the given point exists on the elliptic curve
public isValidPoint(p: number[]): number
encodePoint: converts an elliptic.js point representation to number array representation
public encodePoint(p: any): number[]
decodePoint: converts a number array to elliptic.js point object representation
public decodePoint(p: number[]): any
unmaskInput: applies the multiplicative inverse of the mask to the masked point
public unmaskInput(maskedPoint: number[], mask: BN): number[]
1.) Client: hash input and mask it using a randomly generated 32-byte number
const input = 'hello world';
const masked = oprf.maskInput(input);
// Send masked.point to server. Do not send masked.mask to the server since it can easily unmask your original input.
2.) Server: salt the masked point using a secret key
// Note: your actual secret key should be a static 32-byte Uint8Array. Do not generate a new scalar for each OPRF unless you have a specific use case for doing so.
const secretKey = oprf.generateRandomScalar();
const salted = oprf.scalarMult(maskedPoint, secretKey);
// Send salted back to the client
3.) Client: unmask the salted point from the server to get a high-entropy output
// Make sure that masked.mask corresponds to the original mask used.
// Otherwise, this will not give you the correct output.
const unmasked = oprf.unmaskInput(salted, masked.mask);
Implementation inspired by Burns et. al. https://pdfs.semanticscholar.org/5d33/ea1d3fda454875a6a6ee7c535c80c74af512.pdf
FAQs
Oblivious pseudo-random function over an elliptic curve (ED25519)
We found that oprf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.
Security News
Oracle seeks to dismiss fraud claims in the JavaScript trademark dispute, delaying the case and avoiding questions about its right to the name.
Security News
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.