Virgil Security Crypto library  2.6.3
Public Member Functions | List of all members
virgil::crypto::pythia::VirgilPythia Class Reference
Pythia

This class provides PYTHIA cryptographic functions and primitives. More...

#include <VirgilPythia.h>

Public Member Functions

VirgilPythiaBlindResult blind (const VirgilByteArray &password)
 Blinds password. More...
 
VirgilByteArray deblind (const VirgilByteArray &transformedPassword, const VirgilByteArray &blindingSecret)
 Deblinds transformedPassword value with previously returned blindingSecret from blind(). More...
 
VirgilPythiaTransformationKeyPair computeTransformationKeyPair (const VirgilByteArray &transformationKeyID, const VirgilByteArray &pythiaSecret, const VirgilByteArray &pythiaScopeSecret)
 Computes transformation private and public key. More...
 
VirgilPythiaTransformResult transform (const VirgilByteArray &blindedPassword, const VirgilByteArray &tweak, const VirgilByteArray &transformationPrivateKey)
 Transforms blinded password using the private key, generated from pythiaSecret + pythiaScopeSecret. More...
 
VirgilPythiaProveResult prove (const VirgilByteArray &transformedPassword, const VirgilByteArray &blindedPassword, const VirgilByteArray &transformedTweak, const VirgilPythiaTransformationKeyPair &transformationKeyPair)
 Generates proof that server possesses secret values that were used to transform password. More...
 
bool verify (const VirgilByteArray &transformedPassword, const VirgilByteArray &blindedPassword, const VirgilByteArray &tweak, const VirgilByteArray &transformationPublicKey, const VirgilByteArray &proofValueC, const VirgilByteArray &proofValueU)
 Verifies the output of transform(). More...
 
VirgilByteArray getPasswordUpdateToken (const VirgilByteArray &previousTransformationPrivateKey, const VirgilByteArray &newTransformationPrivateKey)
 Computes update token. More...
 
VirgilByteArray updateDeblindedWithToken (const VirgilByteArray &deblindedPassword, const VirgilByteArray &passwordUpdateToken)
 Updates previously stored deblindedPassword with passwordUpdateToken. More...
 

Detailed Description

This class provides PYTHIA cryptographic functions and primitives.

PYTHIA is a verifiable, cryptographic protocol that hardens passwords with the help of a remote service.

Member Function Documentation

VirgilPythiaBlindResult virgil::crypto::pythia::VirgilPythia::blind ( const VirgilByteArray password)

Blinds password.

Turns password into a pseudo-random string. This step is necessary to prevent 3rd-parties from knowledge of end user's password.

Parameters
password- end user's password.
Returns
VirgilPythiaBlindResult
VirgilPythiaTransformationKeyPair virgil::crypto::pythia::VirgilPythia::computeTransformationKeyPair ( const VirgilByteArray transformationKeyID,
const VirgilByteArray pythiaSecret,
const VirgilByteArray pythiaScopeSecret 
)

Computes transformation private and public key.

Parameters
transformationKeyID- ensemble key ID used to enclose operations in subsets.
pythiaSecret- global common for all secret random Key.
pythiaScopeSecret- ensemble secret generated and versioned transparently.
Returns
VirgilPythiaTransformationKeyPair
VirgilByteArray virgil::crypto::pythia::VirgilPythia::deblind ( const VirgilByteArray transformedPassword,
const VirgilByteArray blindingSecret 
)

Deblinds transformedPassword value with previously returned blindingSecret from blind().

Parameters
transformedPassword- GT transformed password from transform().
blindingSecret- BN value that was generated in blind().
Returns
Deblinded transformedPassword value. This value is not equal to password and is zero-knowledge protected.
VirgilByteArray virgil::crypto::pythia::VirgilPythia::getPasswordUpdateToken ( const VirgilByteArray previousTransformationPrivateKey,
const VirgilByteArray newTransformationPrivateKey 
)

Computes update token.

Computes update token which allows update deblindedPassword when rotating transformation private key This action should increment version of pythiaScopeSecret.

Parameters
previousTransformationPrivateKey- transformation private key
newTransformationPrivateKey- new transformation private key
Returns
VirgilBteArray
VirgilPythiaProveResult virgil::crypto::pythia::VirgilPythia::prove ( const VirgilByteArray transformedPassword,
const VirgilByteArray blindedPassword,
const VirgilByteArray transformedTweak,
const VirgilPythiaTransformationKeyPair transformationKeyPair 
)

Generates proof that server possesses secret values that were used to transform password.

Parameters
transformedPassword- GT transformed password from transform()
blindedPassword- G1 blinded password from blind().
transformedTweak- G2 transformed tweak from transform().
transformationKeyPair- transformation key pair.
Returns
VirgilPythiaProveResult
VirgilPythiaTransformResult virgil::crypto::pythia::VirgilPythia::transform ( const VirgilByteArray blindedPassword,
const VirgilByteArray tweak,
const VirgilByteArray transformationPrivateKey 
)

Transforms blinded password using the private key, generated from pythiaSecret + pythiaScopeSecret.

Parameters
blindedPassword- G1 password obfuscated into a pseudo-random string.
tweak- some random value used to identify user
transformationPrivateKey- BN transformation private key.
Returns
VirgilPythiaTransformResult
VirgilByteArray virgil::crypto::pythia::VirgilPythia::updateDeblindedWithToken ( const VirgilByteArray deblindedPassword,
const VirgilByteArray passwordUpdateToken 
)

Updates previously stored deblindedPassword with passwordUpdateToken.

After this call, transform() called with new arguments will return corresponding values.

Parameters
deblindedPassword- GT previous deblinded password from deblind().
passwordUpdateToken- BN password update token from getPasswordUpdateToken().
Returns
New deblinded password.
bool virgil::crypto::pythia::VirgilPythia::verify ( const VirgilByteArray transformedPassword,
const VirgilByteArray blindedPassword,
const VirgilByteArray tweak,
const VirgilByteArray transformationPublicKey,
const VirgilByteArray proofValueC,
const VirgilByteArray proofValueU 
)

Verifies the output of transform().

This operation allows client to verify that the output of transform() is correct, assuming that client has previously stored tweak.

Parameters
transformedPassword- GT transformed password from transform()
blindedPassword- G1 blinded password from blind().
tweak- tweak from transform()
transformationPublicKey- G1 transformation public key
proofValueC- BN proof value C from prove()
proofValueU- BN proof value U from prove()
Returns
true if output of transform() is correct, false - otherwise.
The documentation for this class was generated from the following file:
Generated by   doxygen 1.8.11