Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

secret-sharing: Zeroize sensitive data #5928

Draft
wants to merge 21 commits into
base: master
Choose a base branch
from
Draft

secret-sharing: Zeroize sensitive data #5928

wants to merge 21 commits into from
+856 −332

Conversation

peternose
Copy link
Contributor

No description provided.

@peternose peternose added the c:key management Category: key management label Nov 5, 2024
@netlify Netlify
Copy link

netlify bot commented Nov 5, 2024
edited
Loading

Deploy Preview for oasisprotocol-oasis-core canceled.

Name Link
🔨 Latest commit cf516e0
🔍 Latest deploy log https://app.netlify.com/sites/oasisprotocol-oasis-core/deploys/672ae128c673060008c6a6c2

@peternose peternose linked an issue Nov 5, 2024 that may be closed by this pull request
Zeroize sensitive CHURP data #5775
Open
@peternose
secret-sharing/src/vss/matrix: Implement AddAssign for matrix
454802d
@peternose
secret-sharing/src/churp/switch: Add bivariate shares using AddAssign
df23f73
@peternose
secret-sharing/src/churp/switch: Implement AddAssign for shares
cc9d95b
@peternose
secret-sharing/src/poly: Support zeroize
b5ccc92
@peternose
secret-sharing/src/churp/shareholder: Zeroize share on drop
a087f94
@peternose
secret-sharing/src/poly/lagrange: Zeroize product of li and yi
c471f52
@peternose
secret-sharing/src/churp/switch: Flatten code when adding switch point
f1b0ab5
@peternose
secret-sharing/src/poly: Add accessors for point coordinates
d367806
@peternose
secret-sharing/src/churp/switch: Store points instead of coordinates
305799f 
PrimeField implements the Copy trait, which means values are copied when
passed as parameters. To prevent sensitive data from being replicated,
the switch point struct should accumulate points rather than coordinates.
@peternose
secret-sharing/src/churp/switch: Zeroize switch points on drop
cfff776
@peternose
secret-sharing/src/churp/shareholder: Deref verifiable secret share
5413c7b
@peternose
ZeroizePolyFromLagrangie on error
a110cee
@peternose
secret-sharing/src/churp/player: Zeroize intermediate values
ca5a85f
@peternose
secret-sharing/src/kdc: Zeroize intermediate values
273b479
@peternose
secret-sharing/src/churp/dealer: Zeroize bivariate polynomial on drop
c994e60
@peternose
keymanager/src/churp: Zeroize sensitive data
666158e
@peternose
secret-sharing/src/poly: Restrict add/sub/mul assign std ops
cf516e0 
The AddAssign, SubAssign, and MulAssign functions can now be used
only when the prime field supports zeroization. This ensures that
any leftover data from heap reallocation, when the right-hand-side
polynomial has more coefficients than the left-hand-side, is zeroized.

An alternative solution is to remove these functions, but this
could lead to performance drawbacks.
@peternose peternose force-pushed the peternose/trivial/churp-zeroize-secrets branch from d0fabf6 to cf516e0 Compare November 6, 2024 03:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kostko kostko Awaiting requested review from kostko kostko will be requested when the pull request is marked ready for review kostko is a code owner

@peterjgilbert peterjgilbert Awaiting requested review from peterjgilbert peterjgilbert will be requested when the pull request is marked ready for review peterjgilbert is a code owner

@pro-wh pro-wh Awaiting requested review from pro-wh pro-wh will be requested when the pull request is marked ready for review pro-wh is a code owner

@ptrus ptrus Awaiting requested review from ptrus ptrus will be requested when the pull request is marked ready for review ptrus is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
c:key management Category: key management
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Zeroize sensitive CHURP data
1 participant
@peternose