kxtzownsu/Icarus-Lite
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added dmbackend

Browse Source
This commit is contained in:
cosmic 2025-03-07 15:07:51 -07:00 committed by GitHub
parent 7d1b9b631f
commit 49b3589b06
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
7 changed files with 5640 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5014
dmbackend/device_management.proto Normal file
View File

File diff suppressed because it is too large Load Diff

78
dmbackend/private_membership.proto Normal file
View File

@ -0,0 +1,78 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
option optimize_for = LITE_RUNTIME;
package private_membership;
option go_package = "github.com/google/private-membership";
// An enum describing different types of available hash functions.
enum HashType {
HASH_TYPE_UNDEFINED = 0;
TEST_HASH_TYPE = 1;
SHA256 = 2;
reserved 3;
// Add more hash types if necessary.
}
// LINT.IfChange
// An enum describing how to hash IDs to encrypted buckets.
enum EncryptedBucketHashType {
ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED = 0;
ENCRYPTED_BUCKET_TEST_HASH_TYPE = 3;
// Use SHA256 of injective concatenation of non-sensitive and sensitive IDs.
// For backwards compatibility, this hash type should be used if this proto
// field is not specified.
SHA256_NON_SENSITIVE_AND_SENSITIVE_ID = 1;
reserved 2;
}
// LINT.ThenChange(//depot/google3/privacy/private_membership/rlwe/shared/rlwe_id_utils_test.cc:encrypted_bucket_hash_types)
// A proto message that holds the doubly encrypted identifier.
message DoublyEncryptedId {
// The identifier encrypted using the elliptic curve commutative
// cipher under an ephemeral key generated by the client that was sent in
// the request.
bytes queried_encrypted_id = 1;
// The double encryption of a client requested identifier. The encryption
// scheme used is the Elliptic Curve commutation cipher. The
// first encryption layer uses the client's ephemeral key while the second
// encryption layer uses the server's match key.
//
// The client will decrypt this field to get their queried identifier
// encrypted under only the server's key. The client will use this value to
// match with the contents of the encrypted bucket to determine if there is a
// match or not.
bytes doubly_encrypted_id = 2;
}
// A proto message used to store the plaintext response of a membership query of
// a single identifier.
message MembershipResponse {
// True if and only if the queried identifier was a member.
bool is_member = 1;
// The associated value if the queried identifier was a member. If the
// queried identifier is not a member, the value will be an empty string.
string value = 2;
}

32
dmbackend/private_membership_pb2.py Normal file
View File

@ -0,0 +1,32 @@
# -*- coding: utf-8 -*-
# Generated by the protocol buffer compiler. DO NOT EDIT!
# source: private_membership.proto
"""Generated protocol buffer code."""
from google.protobuf.internal import builder as _builder
from google.protobuf import descriptor as _descriptor
from google.protobuf import descriptor_pool as _descriptor_pool
from google.protobuf import symbol_database as _symbol_database
# @@protoc_insertion_point(imports)
_sym_db = _symbol_database.Default()
DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x18private_membership.proto\x12\x12private_membership\"N\n\x11\x44oublyEncryptedId\x12\x1c\n\x14queried_encrypted_id\x18\x01 \x01(\x0c\x12\x1b\n\x13\x64oubly_encrypted_id\x18\x02 \x01(\x0c\"6\n\x12MembershipResponse\x12\x11\n\tis_member\x18\x01 \x01(\x08\x12\r\n\x05value\x18\x02 \x01(\t*I\n\x08HashType\x12\x17\n\x13HASH_TYPE_UNDEFINED\x10\x00\x12\x12\n\x0eTEST_HASH_TYPE\x10\x01\x12\n\n\x06SHA256\x10\x02\"\x04\x08\x03\x10\x03*\x99\x01\n\x17\x45ncryptedBucketHashType\x12(\n$ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED\x10\x00\x12#\n\x1f\x45NCRYPTED_BUCKET_TEST_HASH_TYPE\x10\x03\x12)\n%SHA256_NON_SENSITIVE_AND_SENSITIVE_ID\x10\x01\"\x04\x08\x02\x10\x02\x42(H\x03Z$github.com/google/private-membershipb\x06proto3')
_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals())
_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'private_membership_pb2', globals())
if _descriptor._USE_C_DESCRIPTORS == False:
DESCRIPTOR._options = None
DESCRIPTOR._serialized_options = b'H\003Z$github.com/google/private-membership'
_HASHTYPE._serialized_start=184
_HASHTYPE._serialized_end=257
_ENCRYPTEDBUCKETHASHTYPE._serialized_start=260
_ENCRYPTEDBUCKETHASHTYPE._serialized_end=413
_DOUBLYENCRYPTEDID._serialized_start=48
_DOUBLYENCRYPTEDID._serialized_end=126
_MEMBERSHIPRESPONSE._serialized_start=128
_MEMBERSHIPRESPONSE._serialized_end=182
# @@protoc_insertion_point(module_scope)

340
dmbackend/private_membership_rlwe.proto Normal file
View File

@ -0,0 +1,340 @@
// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
option optimize_for = LITE_RUNTIME;
package private_membership.rlwe;
option go_package = "github.com/google/private-membership";
import "private_membership.proto";
import "serialization.proto";
// Request and Response protos
//
// The protocol consists of two roundtrips:
// First Round: OprfRequest and OprfResponse
// Second Round: QueryRequest and QueryResponse
// First request sent by the client for checking membership.
message PrivateMembershipRlweOprfRequest {
// The identifier encrypted using the elliptic curve commutative
// cipher under an ephemeral key generated by the client. Before encryption,
// the identifier is hashed using either SHA256 or a more computationally
// expensive hash such as Argon2.
repeated bytes encrypted_ids = 1;
// The name of the use case of this query.
RlweUseCase use_case = 2;
}
// First response sent by the server for checking membership.
message PrivateMembershipRlweOprfResponse {
// The requested encrypted_id entries that are re-encrypted using the elliptic
// curve commutative cipher using the servers key.
//
// The client will decrypt to simply get the identifier encrypted under the
// servers key. The client will use this to match with the associated
// EncryptedBucket to see if there is a match or not. Additionally, the client
// will use it to decrypt the AES encrypted value.
repeated DoublyEncryptedId doubly_encrypted_ids = 1;
// Unset if the server doesn't support non-sensitive identifier bucketing for
// the requested use case.
HashedBucketsParameters hashed_buckets_parameters = 2;
// Parameters for the encrypted buckets (second level).
EncryptedBucketsParameters encrypted_buckets_parameters = 3;
// Parameters describing the Ring LWE group as well as the security parameter.
RlweParameters rlwe_parameters = 4;
// Version of key that encrypted the identifier-value pair.
//
// The client should provide this value in the second round of the protocol
// to ensure consistency.
int64 key_version = 5;
}
// Second request sent by the client for checking membership.
message PrivateMembershipRlweQueryRequest {
// Upload a retrieval request consisting of RLWE ciphertexts.
repeated PrivateMembershipRlweQuery queries = 1;
// The name of the use case of this query.
RlweUseCase use_case = 2;
// Version of key that encrypted the identifier-value pair.
int64 key_version = 3;
}
// Second response sent by the server for checking membership.
message PrivateMembershipRlweQueryResponse {
repeated PrivateMembershipRlwePirResponse pir_responses = 1;
}
// Proto containing plaintext IDs supplied to the client library.
message RlwePlaintextId {
// Non-sensitive portion of the identifier.
string non_sensitive_id = 1;
// Sensitive portion of the identifier.
string sensitive_id = 2;
}
// Different use cases of the RLWE-based PSM protocol.
//
// NEXT ID: 25
enum RlweUseCase {
RLWE_USE_CASE_UNDEFINED = 0;
TEST_USE_CASE = 1;
TEST_USE_CASE2 = 2;
TEST_USE_CASE3 = 3;
// Use case with empty database.
EMPTY_USE_CASE = 22;
// The device state of ChromeOS device, used for Zero Touch, License
// Packaging. This is zero-disclosure database, i.e. client does not reveal
// any bits to the server.
CROS_DEVICE_STATE = 5;
// The device state of ChromeOS device, used for all managed devices and
// License Packaging. This is partial-disclosure database, i.e. client will be
// asked to reveal some bits of the hash of non-sensitive identifier.
CROS_DEVICE_STATE_UNIFIED = 23;
// The device state of ChromeOS device.
CROS_DEVICE_SECONDARY_STATE = 12 [deprecated = true];
CROS_DEVICE_STATE_BACKUP = 21 [deprecated = true];
// Use-cases for ChromeOS Device Active Reporting to Fresnel.
CROS_FRESNEL_DAILY = 13;
CROS_FRESNEL_MONTHLY = 14;
CROS_FRESNEL_FIRST_ACTIVE = 15;
CROS_FRESNEL_7DAY_ACTIVE = 16;
CROS_FRESNEL_28DAY_ACTIVE = 17;
CROS_FRESNEL_CHURN_MONTHLY_COHORT = 19;
CROS_FRESNEL_CHURN_MONTHLY_OBSERVATION = 20;
// Use-cases for Cellular Carrier Lock (SimLock).
CROS_SIM_LOCK = 18;
CROS_SIM_LOCK_DEVMODE = 24;
reserved 4, 6, 7, 8, 9, 10, 11;
}
// Parameters for the hashed buckets (first level).
//
// Hashed bucket id is derived by taking the prefix of the hash of the non-
// sensitive identifier.
message HashedBucketsParameters {
// The bit length of the hashed bucket id.
int32 hashed_bucket_id_length = 1;
// The type of hash function to be used for the non-sensitive identifier
// part.
private_membership.HashType non_sensitive_id_hash_type = 2;
}
// Parameters for the encrypted buckets (second level).
message EncryptedBucketsParameters {
// The bit length of the encrypted bucket ids.
//
// The total number of encrypted buckets can be derived from this field,
// i.e. 2^encrypted_bucket_id_length.
int32 encrypted_bucket_id_length = 1;
// The type of hash function to be used to generate the encrypted bucket ID.
private_membership.EncryptedBucketHashType sensitive_id_hash_type = 2;
}
// Public Ring-LWE encryption scheme parameters.
message RlweParameters {
// Sequence of one modulus or two decreasing moduli.
repeated Uint128 modulus = 1;
// Log (base 2) of the polynomial degree N (dimension of the vectorspace).
int32 log_degree = 2;
// Plaintext modulus in bits log t.
int32 log_t = 3;
// Variance of Gaussian error in bits.
int32 variance = 4;
// Levels of recursion.
int32 levels_of_recursion = 5;
}
// Represents a unsigned 128-bit integer.
message Uint128 {
// The lower 64 bits of the modulus.
uint64 lo = 1;
// The higher 64 bits of the modulus.
uint64 hi = 2;
}
// Single unit of RLWE query.
message PrivateMembershipRlweQuery {
// Corresponds to the doubly_encrypted_id.queried_encrypted_id in the
// PrivateMembershipRlweOprfResponse.
//
// Should be set by the client.
bytes queried_encrypted_id = 1;
// Upload a retrieval request consisting of RLWE ciphertexts.
PirRequest pir_request = 2;
// Hashed bucket id at bit level granularity.
message HashedBucketId {
// Hashed bucket id, in bytes.
//
// All bits after bit_length's bit should be set to 0.
bytes hashed_bucket_id = 1;
// Bit length of the hashed bucket id.
//
// This value should be in
// ((hashed_bucket_id.size() - 1) * 8, hashed_bucket_id.size() * 8] range.
int32 bit_length = 2;
}
// Hashed bucket id.
//
// The hashed bucket id is computed by taking the prefix of the hashed
// non-sensitive id at the bit level.
// e.g. if the hashed non-sensitive id is 11010111 and the bucket id length is
// 6, this will be populated as 11010100.
//
// Should be unset if the server doesn't support non-sensitive identifier
// bucketing for the requested use case.
HashedBucketId hashed_bucket_id = 3;
}
// Response consisting of a unique query id and the associated PIR response.
message PrivateMembershipRlwePirResponse {
// This corresponds to the queried_encrypted_id set by the client in the query
// request.
bytes queried_encrypted_id = 1;
// PIR response corresponding to the PIR request.
PirResponse pir_response = 2;
}
// Request for private bucket retrieval.
message PirRequest {
// The request is an encoding of a flattened table of encrypted {1} and {0}
// messages as necessary for PIR. If the database has D items and we are using
// L levels of recursion, this table will contain L*(D^(1/L)) messages,
// representing a table with L rows and D^(1/L) items per row. Each row should
// contain exactly one {1} ciphertext, with the rest of the items containing
// {0} messages.
//
// The flattened table is laid out in the following order:
//
// level | ciphertexts
// -----------------------------
// 1 | {0} ... {1} ... {0}
// 2 | {0} ... {1} ... {0}
// ... | ...
//
// The ciphertexts are uploaded in a compressed format as NTT Polynomials
// using a PRNG seed to expand them into ciphertexts.
// If this field is set, none of the sharded_request_type should be set.
repeated .rlwe.SerializedNttPolynomial request = 1;
// ExpandedRequest can be useful if the querier would like to manipulate the
// PirRequest after it's been created by the client library. To modify it, the
// ciphertext must be expanded first; hence the name ExpandedRequest.
message ExpandedRequest {
// Wrapper around .rlwe.SerializedSymmetricRlweCiphertext so we can
// represent "empty" ciphertext without ambiguity. If `ciphertext` is not
// set, it is consiered "not requested" and the corresponding index will be
// ignored and excluded from the response. When used multiple levels of
// recursion, it is the querier's responsibility to leave the correct
// positions unset so the final query is valid.
message SerializedSymmetricRlweCiphertext {
optional .rlwe.SerializedSymmetricRlweCiphertext ciphertext = 1;
}
repeated SerializedSymmetricRlweCiphertext ciphertexts = 1;
}
// CompactRequest should be the same as the request field above, except it
// indicates sharding.
message CompactRequest {
repeated .rlwe.SerializedNttPolynomial ciphertexts = 1;
}
// If one of the sharded_request_type is set, the above `request` field should
// be set.
oneof sharded_request_type {
// Will be used by hashed bucket sharded request because we don't need to
// modify the ciphertext.
CompactRequest compact_request = 3;
// Will be used by encrypted bucket sharded request because we need to
// modify the ciphertext.
ExpandedRequest expanded_request = 4;
}
// The PRNG seed used to expand the compressed RLWE ciphertexts.
bytes prng_seed = 2;
}
// Response for private bucket retrieval.
message PirResponse {
// Sequence of ciphertexts consisting of encrypted buckets.
repeated .rlwe.SerializedSymmetricRlweCiphertext response = 1;
// Size of the plaintext entry in bytes.
int32 plaintext_entry_size = 2;
}
// Bucket consisting of encrypted id and values.
message EncryptedBucket {
// All encrypted pairs in the bucket.
repeated EncryptedIdValuePair encrypted_id_value_pairs = 1;
// Proto storing encrypted id-value pairs.
message EncryptedIdValuePair {
// Identifier that is encrypted using the Elliptic curve commutative cipher.
// Furthermore, the serialization of the encryption is hashed and only a
// prefix is used.
bytes encrypted_id = 1;
// Value that is encrypted using AES where the key is a serialization
// of the identifier encrypted using the Elliptic curve commutative cipher.
bytes encrypted_value = 2;
// Proto containing the sensitive and non-sensitive portion of the
// identifier in plaintext.
RlwePlaintextId id = 3;
}
}
// A collection of plaintext ids and associated membership responses.
message RlweMembershipResponses {
// A pair of queried plaintext id and its associated membership response.
message MembershipResponseEntry {
// Plaintext id that was queried.
RlwePlaintextId plaintext_id = 1;
// Membership response of the queried plaintext id.
MembershipResponse membership_response = 2;
}
repeated MembershipResponseEntry membership_responses = 1;
}

74
dmbackend/private_membership_rlwe_pb2.py Normal file
View File

File diff suppressed because one or more lines are too long

70
dmbackend/serialization.proto Normal file
View File

@ -0,0 +1,70 @@
/*
* Copyright 2017 Google Inc.
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* https://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package rlwe;
option go_package = "github.com/google/shell-encryption";
// NTT Polynomial
message SerializedNttPolynomial {
// Coefficients of the polynomial
optional bytes coeffs = 1;
// Number of coefficients of the polynomial.
optional int32 num_coeffs = 2;
}
// RLWE Ciphertext
message SerializedSymmetricRlweCiphertext {
// Polynomials composing the ciphertext
repeated SerializedNttPolynomial c = 1;
// The power of the secret key that the ciphertext is encrypted with.
optional int32 power_of_s = 2;
// A heuristic on the amount of error in the ciphertext.
optional double error = 3;
}
// RLWE RelinearizationKey
message SerializedRelinearizationKey {
// Polynomial composing the matrix
repeated SerializedNttPolynomial c = 1;
// The modulus used to decompose the coefficients of the polynomials. Ranges
// from 1 to the number of bits of the modulus.
optional int32 log_decomposition_modulus = 2;
// For n parts, the key can relinearize an n-component ciphertext to a
// 2-component ciphertext.
optional int32 num_parts = 3;
// Seed used to compress this key.
optional bytes prng_seed = 4; // Required
// The power of s that corresponds to the key. The field is 1 if the key is
// RelinearizationKey.
optional int32 power_of_s = 5;
}
// RLWE GaloisKeys.
message SerializedGaloisKey {
// The key-switching matrix
optional SerializedRelinearizationKey key = 1;
}

32
dmbackend/serialization_pb2.py Normal file
View File

@ -0,0 +1,32 @@
# -*- coding: utf-8 -*-
# Generated by the protocol buffer compiler. DO NOT EDIT!
# source: serialization.proto
"""Generated protocol buffer code."""
from google.protobuf.internal import builder as _builder
from google.protobuf import descriptor as _descriptor
from google.protobuf import descriptor_pool as _descriptor_pool
from google.protobuf import symbol_database as _symbol_database
# @@protoc_insertion_point(imports)
_sym_db = _symbol_database.Default()
DESCRIPTOR = _descriptor_pool.Default().AddSerializedFile(b'\n\x13serialization.proto\x12\x04rlwe\"=\n\x17SerializedNttPolynomial\x12\x0e\n\x06\x63oeffs\x18\x01 \x01(\x0c\x12\x12\n\nnum_coeffs\x18\x02 \x01(\x05\"p\n!SerializedSymmetricRlweCiphertext\x12(\n\x01\x63\x18\x01 \x03(\x0b\x32\x1d.rlwe.SerializedNttPolynomial\x12\x12\n\npower_of_s\x18\x02 \x01(\x05\x12\r\n\x05\x65rror\x18\x03 \x01(\x01\"\xa5\x01\n\x1cSerializedRelinearizationKey\x12(\n\x01\x63\x18\x01 \x03(\x0b\x32\x1d.rlwe.SerializedNttPolynomial\x12!\n\x19log_decomposition_modulus\x18\x02 \x01(\x05\x12\x11\n\tnum_parts\x18\x03 \x01(\x05\x12\x11\n\tprng_seed\x18\x04 \x01(\x0c\x12\x12\n\npower_of_s\x18\x05 \x01(\x05\"F\n\x13SerializedGaloisKey\x12/\n\x03key\x18\x01 \x01(\x0b\x32\".rlwe.SerializedRelinearizationKeyB&H\x03Z\"github.com/google/shell-encryption')
_builder.BuildMessageAndEnumDescriptors(DESCRIPTOR, globals())
_builder.BuildTopDescriptorsAndMessages(DESCRIPTOR, 'serialization_pb2', globals())
if _descriptor._USE_C_DESCRIPTORS == False:
DESCRIPTOR._options = None
DESCRIPTOR._serialized_options = b'H\003Z\"github.com/google/shell-encryption'
_SERIALIZEDNTTPOLYNOMIAL._serialized_start=29
_SERIALIZEDNTTPOLYNOMIAL._serialized_end=90
_SERIALIZEDSYMMETRICRLWECIPHERTEXT._serialized_start=92
_SERIALIZEDSYMMETRICRLWECIPHERTEXT._serialized_end=204
_SERIALIZEDRELINEARIZATIONKEY._serialized_start=207
_SERIALIZEDRELINEARIZATIONKEY._serialized_end=372
_SERIALIZEDGALOISKEY._serialized_start=374
_SERIALIZEDGALOISKEY._serialized_end=444
# @@protoc_insertion_point(module_scope)