[CFRG] VOPRF with public metadata bits

Subodh Iyengar <subodh@fb.com> Tue, 23 February 2021 20:05 UTC

Return-Path: <prvs=16885bee74=subodh@fb.com>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E19803A07FB for <cfrg@ietfa.amsl.com>; Tue, 23 Feb 2021 12:05:49 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.666
X-Spam-Level:
X-Spam-Status: No, score=-2.666 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.57, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=fb.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VmTXAh3ty89U for <cfrg@ietfa.amsl.com>; Tue, 23 Feb 2021 12:05:48 -0800 (PST)
Received: from mx0a-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 62B313A0884 for <cfrg@irtf.org>; Tue, 23 Feb 2021 12:04:48 -0800 (PST)
Received: from pps.filterd (m0089730.ppops.net [127.0.0.1]) by m0089730.ppops.net (8.16.0.43/8.16.0.43) with SMTP id 11NJx0sh021517; Tue, 23 Feb 2021 12:04:45 -0800
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fb.com; h=from : to : cc : subject : date : message-id : content-type : mime-version; s=facebook; bh=mGDFobk89ASdwoj+q1ujpaHEvPIo7PL+lQMiJUPveK0=; b=FJeQuArtwrcuFNm02S8KRHr05GNJ9YxozZEaY/bJk5fpjMh0OQ40MUZkZqNjSBzwkbY6 koq03Eysmrw2Sx/DfYpJJToqPvRsWuMYk84GPfljNA6khCXlftYdNjNIevRb1VmI41F3 hH11iVghwMbUYH/iTb/71JIx9NjUSdMffts=
Received: from maileast.thefacebook.com ([163.114.130.16]) by m0089730.ppops.net with ESMTP id 36ukhyd6v5-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Tue, 23 Feb 2021 12:04:44 -0800
Received: from NAM02-BL2-obe.outbound.protection.outlook.com (100.104.31.183) by o365-in.thefacebook.com (100.104.36.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1979.3; Tue, 23 Feb 2021 12:04:44 -0800
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=G6y65So4+Do8hzHp+dzSWt+Buy1ulZe5/UhcTd+qscv+YfqgyEctSCFOriQqsZnyedlBZV29Mh5MWWoPLVXytpFikWuTK7n8q46nM9lmsJt8Mj66MIGCvUKqovw7fdZZ2A1vhpdl2R1akaEIHk3EDwNFDRdx/P3ThgVxgtleUOpxtiwdn15BP9AcsPpg6xOmBRYbBHxSz2I2lTjS11v6FYuIyJESlHtHtse9lpHS93yJY7Zmuxqr6zh/NxpB5yLvVym+sAbkdGDu7fKiQGblxUGP1CaBqfhdUeRqkspQHqb3/Yi48nJI7MMUN5uA8pb9SS0wMyP7vGFBv2eBMscV2g==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mGDFobk89ASdwoj+q1ujpaHEvPIo7PL+lQMiJUPveK0=; b=AzPukNivStQTlibNYA1Wj6fGEkSZre5aGPrwatTSzHwdiW7Tn+eetl49JXbiy6gLBCTKM7dA4CwnKzH7MUKCoYaUWnjKbaePs+v/eDySd0QlaIWxn/FpYi5gYS4ENlFgXklDSmVxbQVjDIaxrBX6sAY383TFprBMBKqQ+9W65QTO9UuwIKZEGdVv4yeLWwNZuk3bz/Wt8FiHsdaRowSYs4jrvXVhJJYmmvL4WHEAXM0QH2EOqip9VGb5/vVljQH0v9T3YxAQVqR/nh84cH59NGkHdeuxCCJkYkkCZFD4rxXcOdMKt2K/HjwxmlBxKZCkKT6xabbay14sawRznPu6+g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=fb.com; dmarc=pass action=none header.from=fb.com; dkim=pass header.d=fb.com; arc=none
Received: from MW3PR15MB3881.namprd15.prod.outlook.com (2603:10b6:303:4a::23) by MW4PR15MB4330.namprd15.prod.outlook.com (2603:10b6:303:bb::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3868.31; Tue, 23 Feb 2021 20:04:42 +0000
Received: from MW3PR15MB3881.namprd15.prod.outlook.com ([fe80::f165:51d:320a:3f7c]) by MW3PR15MB3881.namprd15.prod.outlook.com ([fe80::f165:51d:320a:3f7c%7]) with mapi id 15.20.3868.033; Tue, 23 Feb 2021 20:04:42 +0000
From: Subodh Iyengar <subodh@fb.com>
To: "cfrg@irtf.org" <cfrg@irtf.org>
CC: Christopher Wood <caw@heapingbits.net>, Ananth Raghunathan <ananthr@fb.com>
Thread-Topic: VOPRF with public metadata bits
Thread-Index: AQHXCh5Gv0QRPSniC0ip3B8RU0eDUw==
Date: Tue, 23 Feb 2021 20:04:42 +0000
Message-ID: <MW3PR15MB388172049023B585DABBFE63B6809@MW3PR15MB3881.namprd15.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: irtf.org; dkim=none (message not signed) header.d=none;irtf.org; dmarc=none action=none header.from=fb.com;
x-originating-ip: [2600:1700:5430:29ef:1803:fdc0:40f6:e5d0]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 2056e260-ff51-4bd1-4cbb-08d8d836422a
x-ms-traffictypediagnostic: MW4PR15MB4330:
x-ms-exchange-transport-forked: True
x-microsoft-antispam-prvs: <MW4PR15MB4330B4001514E4F63C1DFD0DB6809@MW4PR15MB4330.namprd15.prod.outlook.com>
x-fb-source: Internal
x-ms-oob-tlc-oobclassifiers: OLM:8882;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: AwBtENiljTy3LzdUOLazFzzHBcYiugfd3QAMhcyxo9XRtu/KWuZnVfa8q0ufssjYT8qaA0O6JU+F6v2QPaw3wreR9JMwDeOuIzwJuFOMegSLqPW2QmwLxROzXoRnVpbhlZP0jaanxymw0sXFeeRwAGNHLbDOj+D4Ov5JWCtRCNWfnu8ADLFpG903Z7HA/IDqCnHb9MFSur2NO6jn8cIDIHCBdLU8yAFEpHgIxPCNqFnGoDhLOj8c6h+Zg+fvTqwUK8fXJVwb4jb51ZhDUPhgI2VEKyXpI0TvAye+KpPVH0ReEKkSZkUK4Vf36oObGi5WpNvS1doNaFRLGlLKVpm9+9+kqzliorUPvmgy+d8xH0YloWS5Tbl7G1Dw9cXk6KSzk6GGH+FTXByvLcJRjrjtfKdAfHO5kvOCZyg0cAJ5mlI0RM94L0WcLwyrqJ0cgmeeP9uUQfySVbVeAmecvh4b7w/UPZ6l02Q3XmDkqAYLwgM9v0F3+NEXEtRbnpIEj5zlUmKq3cHdhuOtf/Ro9dEEidpP6Zr5nB9jEK1Qx++xiYE4aKVMFtahw77ZxY72SftmzIU+/mbn2rI1+459bICtczKYTlwn1h4C88XpzXJsRXk=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:MW3PR15MB3881.namprd15.prod.outlook.com; PTR:; CAT:NONE; SFS:(346002)(366004)(136003)(396003)(39860400002)(376002)(66946007)(19627405001)(91956017)(66476007)(83380400001)(166002)(33656002)(64756008)(9686003)(4326008)(8936002)(86362001)(6916009)(54906003)(52536014)(6506007)(966005)(66556008)(55016002)(2906002)(66446008)(5660300002)(7696005)(8676002)(316002)(76116006)(186003)(478600001)(71200400001)(4744005); DIR:OUT; SFP:1102;
x-ms-exchange-antispam-messagedata: =?iso-8859-1?Q?peyvlU7Rw3fs6EVjHgX1+Li+E1dNnkb+n9454hOCQt+zJh4nTVvukjyvFw?= =?iso-8859-1?Q?/QBUvrVAFu0Qo3nli0YnUbUCQqiRDuHY+aA4420k2/T4Zqvam5zrXaX/tC?= =?iso-8859-1?Q?QBcorm86qJ6W+4DSJiBM4aEzfRXFunKBRpAH7metWzH+3U47GNCt5Hl9OZ?= =?iso-8859-1?Q?GHxVTrU+4Rj3JYR4Uop9oK1JpnrhIh3I/GD8fZM9XnrzhwGc0/n3ZJRugH?= =?iso-8859-1?Q?yfTiWdxomA6Dgbwpf/f4j2tIdo7yyui/7bBAb8rChfwOXMA1/qm9oE4FGI?= =?iso-8859-1?Q?4S5nEISe1qmMW3vmhWe0lGsdm3hlLDjcTP2pKORsb8kol8vYb1QvUIqBOo?= =?iso-8859-1?Q?XmdEo8RXvHlnWJS+gnZae1fqdYTYCxxS180miZFGVRss6kCL49DXT3wr4F?= =?iso-8859-1?Q?umvXzsVOvnA9WcT26R23JgJIPhg9Onajqh/3ZOnATIFFI9D8s+YBEo4V+3?= =?iso-8859-1?Q?/IiIW6+c+qSl1WxpYuPkht/XfbkwW8110SAtcwLQWo5jg8KWi6sPLnlUpU?= =?iso-8859-1?Q?WyUF3Cz6yWPhd4Z4DRJTgV8GGeI+YQZzlGzy8YMQ/n4e+aKhQLOzBfoYgf?= =?iso-8859-1?Q?VsCG4x4N28nLoLedHIYfGgGFpScf+qRVjXr1IFORTPWpf+tDZRKGhc8YcI?= =?iso-8859-1?Q?Jzt5kjg2CB9GMXfUIeOJnPIokj/aztJ4EcujZY9KbvNRysdBoiJaHkdrrj?= =?iso-8859-1?Q?tFw6LJZG0EesRzhnkzEwC32ySktbLYywRUTC52yzXNYVcAaO/5bGQY6SSr?= =?iso-8859-1?Q?v2Xbt+tx6dvVtsxFPreFFVUzN4UT13zI4dxOeuBQT2PxT1UbaQooDdj3PR?= =?iso-8859-1?Q?gBIKSn/CU1m4r9YhiEdMcuVUe2N9ExqnMZdDyQEUhbCvXtSZeyBtALxMzU?= =?iso-8859-1?Q?ylgI5mWpKJTQ7ue+7PkaDmRdNIn3gp2OLwL13B8SwAVSy0r8eiKZ32HRNk?= =?iso-8859-1?Q?Te56nS8YuupCBK7l03P1SyjQ3txT8FxhFfmYtBZYp2arV2eeH1uhKl1nw2?= =?iso-8859-1?Q?qCiBuf2lF/L0vfFLE9JR01CuGQhWd6x+LvaqA9Fw1Le8d1QhQqUvm6K+np?= =?iso-8859-1?Q?bcoOsVigYpKn4B19bbOdLqk2Z68buxWmxcED0rAEgiif83ZkVKsPKarAe6?= =?iso-8859-1?Q?/iPK9hx+80741RcFbgWX3k2YyVYNf59aOeqAX5l5P/WpYYON9hoZNFPrej?= =?iso-8859-1?Q?efT1VPiU1Y0dKlynL3Hmg5LHGeKUm/b6aKjcu50xvAk7axTTt4IV8CnEPi?= =?iso-8859-1?Q?+4XJF0qW7EgQCaCL16LbmNvYgq3R8MZMj8BKllowcooLAx8HoYWVaIo30p?= =?iso-8859-1?Q?g5UztQdRYrCkY3FaO9jwaheklSrJtigDrBU9TR1TBZ0azWN4yvD5Y75z+O?= =?iso-8859-1?Q?8GPmPi3Nnofz5qRL8W7sWE+tzHCTW7X8vvF2fVzBv073Me5GDTdH/h9JP9?= =?iso-8859-1?Q?MEPqjxblKnKRXrg2?=
Content-Type: multipart/alternative; boundary="_000_MW3PR15MB388172049023B585DABBFE63B6809MW3PR15MB3881namp_"
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: MW3PR15MB3881.namprd15.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 2056e260-ff51-4bd1-4cbb-08d8d836422a
X-MS-Exchange-CrossTenant-originalarrivaltime: 23 Feb 2021 20:04:42.1064 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 8ae927fe-1255-47a7-a2af-5f3a069daaa2
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: fn2+rmwZk4fguoD5SuQ9nH2gAgIW/hNr3USIjrGUdR0qk52EKo/5X/G+xmpd0Meo
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW4PR15MB4330
X-OriginatorOrg: fb.com
X-Proofpoint-UnRewURL: 0 URL was un-rewritten
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.761 definitions=2021-02-23_08:2021-02-23, 2021-02-23 signatures=0
X-Proofpoint-Spam-Details: rule=fb_default_notspam policy=fb_default score=0 spamscore=0 malwarescore=0 bulkscore=0 clxscore=1011 mlxlogscore=652 impostorscore=0 suspectscore=0 mlxscore=0 phishscore=0 adultscore=0 lowpriorityscore=0 priorityscore=1501 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2102230168
X-FB-Internal: deliver
Archived-At: <https://mailarchive.ietf.org/arch/msg/cfrg/5pHQLSAjsW_mnzilF4NVtovxvmI>
Subject: [CFRG] VOPRF with public metadata bits
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Feb 2021 20:05:50 -0000

In the privacy pass mailing list, we've been discussing the need for several applications that want to use privacy pass to be able to embed public metadata in a verifiable way to the VOPRF used by privacy pass.

We've put together an initial draft describing a way to embed public metadata into VOPRF keys https://tools.ietf.org/html/draft-iyengar-cfrg-voprfmetadata-00 by embedding the metadata
into the keys that are used for the EC VOPRF in https://datatracker.ietf.org/doc/draft-irtf-cfrg-voprf/. The construction described here is based on a recent scheme in https://research.fb.com/privatestats.

Time permitting, I'd like to request some time on the agenda to present this at IETF 110.

Subodh