npm install oprf
The sumo version of libsodium must be used
await _sodium.ready;
const oprf = new OPRF(_sodium);
A client has input x while a server holds key k. The client receives the output of fk(x) for some pseudorandom function family fk. The server learns nothing.
Contains a masked point and the mask that was applied to it
export interface IMaskedData {
readonly point: number[];
readonly mask: BN; // big number
}
hashToPoint: maps string input to a point on the elliptic curve
public hashToPoint(input: string): number[]
maskInput: hashes string input as a point on an elliptic curve and applies a random mask to it
public maskInput(input: string): IMaskedData
generateRandomScalar: generates a random 32-byte array of numbers
public generateRandomScalar(): BN
isValidPoint: returns whether the given point exists on the elliptic curve
public isValidPoint(point: number[]): number
encodePoint: converts an elliptic.js point representation to number array representation
public encodePoint(point: any): number[]
decodePoint: converts a number array to elliptic.js point object representation
public decodePoint(point: number[]): any
unmaskInput: applies the multiplicative inverse of the mask to the masked point
public unmaskInput(maskedPoint: number[], mask: BN): number[]
1.) Client: hash input and mask it using a randomly generated 32-byte number
const input = 'hello world';
const masked = oprf.maskInput(input);
// Send masked.point to server. Do not send masked.mask to the server since it can easily unmask your original input.
2.) Server: salt the masked point using a secret key
// Note: your actual secret key should be a static 32-byte Uint8Array. Do not generate a new scalar for each OPRF unless you have a specific use case for doing so.
const secretKey = oprf.generateRandomScalar();
const salted = oprf.scalarMult(maskedPoint, secretKey);
// Send salted back to the client
3.) Client: unmask the salted point from the server to get a high-entropy output
// Make sure that masked.mask corresponds to the original mask used.
// Otherwise, this will not give you the correct output.
const unmasked = oprf.unmaskInput(salted, masked.mask);
Implementation inspired by Burns et. al. https://pdfs.semanticscholar.org/5d33/ea1d3fda454875a6a6ee7c535c80c74af512.pdf
FAQs
Oblivious pseudo-random function over an elliptic curve (ED25519)
The npm package oprf receives a total of 2 weekly downloads. As such, oprf popularity was classified as not popular.
We found that oprf demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The Linux Foundation is warning open source developers that compliance with global sanctions is mandatory, highlighting legal risks and restrictions on contributions.
Security News
Maven Central now validates Sigstore signatures, making it easier for developers to verify the provenance of Java packages.
Security News
CISOs are racing to adopt AI for cybersecurity, but hurdles in budgets and governance may leave some falling behind in the fight against cyber threats.