Struct mpc_engine::primitives::ot::OTSender
source · pub struct OTSender { /* private fields */ }Expand description
The state of the sender
Implementations§
source§impl OTSender
impl OTSender
sourcepub fn init(
entropy: &mut Randomness,
dst: &[u8]
) -> Result<(Self, OTSenderInit), Error>
pub fn init( entropy: &mut Randomness, dst: &[u8] ) -> Result<(Self, OTSenderInit), Error>
Generate the first sender message.
Initiates an OT sender by picking a random P256 scalar y and deriving
S = yB and T = yS, where B is the P256 base point. These values
will later be used to derive encryption keys in the send stage of the
protocol. In addition, the domain separation tag dst, which will be
used in key generation is stored in the receiver and S is prepared for
sending to the receiver by wrapping it in an OTSenderInit message.
sourcepub fn send(
&self,
left_input: &[u8],
right_input: &[u8],
selection: &OTReceiverSelect,
entropy: &mut Randomness
) -> Result<OTSenderSend, Error>
pub fn send( &self, left_input: &[u8], right_input: &[u8], selection: &OTReceiverSelect, entropy: &mut Randomness ) -> Result<OTSenderSend, Error>
Generate the second sender message based on the receiver’s selection.
Given the OTReceiverSelect message and the two sender inputs, the
sender can generate the transfer messages. It does so by deriving two
domain separated encryption keys, based on the values S and T
generated during initiation and on the masked choice bit sent by the
receiver. It then encrypts the left and right inputs under their
respective keys and prepares an OTSenderSend message with both
ciphertexts. This finishes the OT session for the sender. By the
security of the protocol, the receiver will only be able to generate one
of the decryption keys, namely that one corresponding to its choice bit.