Auxiliary files and code for the paper OPRFs from Isogenies: Designs and Analysis, by Lena Heimberger, Tobias Hennerbichler, Fredrik Meisingseth, Sebastian Ramacher and Christian Rechberger.
NOTE: This is academic research code and not production-ready. The implementation is not constant-time and may have other errors.
The _code/_ folder contains the following implementations:
- mobile_psi_cpp optimizes the ECNR implementation from the droidCrypto PSI protocol
- nr_ot implements the NR-OT stand-alone and with Private Set Intersection
- opaque contains a copy of the libopaque library using isogeny-based primitives
- opus implements OPUS stand-alone
- opus-psi implements OPUS with Private Set Intersection
While `make` compiles all four variants below, we briefly give an overview of the produced binaries.
- To compile `opus.c`, please run `make opus`.
- To compile `prf.c`, which was used for Figure 4, run `make prf`, which will generate a file noopt.csv with the respective data.
- To compile `updatable.c` for Figure 5, run `make updatable` to generate `updatable.csv`.
- To compile the client/server binaries used for Figure 10, use `make networked`. Note this was tested on several Linux machines using `gcc`. We link with `-pthread`; other platforms or compilers may need `-lpthread` instead.
In addition, we provide the file `leak_OPRF_key_csidh.py`, which estimates how
many random iterations are necessary to recover the key for the NR-OT
OPRF if CSI-FiSh is not used.
- CSIDH Reference implementation
- CSI-FiSh
- droidCrypto
- libopaque