[IRTF-Announce] RFC 9497 on Oblivious Pseudorandom Functions (OPRFs) Using Prime-Order Groups
rfc-editor@rfc-editor.org Fri, 22 December 2023 18:08 UTC
Return-Path: <wwwrun@rfcpa.amsl.com>
X-Original-To: irtf-announce@ietfa.amsl.com
Delivered-To: irtf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB74CC17C501; Fri, 22 Dec 2023 10:08:57 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.658
X-Spam-Level:
X-Spam-Status: No, score=-6.658 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.249, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uCVAcpLT6rcf; Fri, 22 Dec 2023 10:08:53 -0800 (PST)
Received: from rfcpa.amsl.com (rfcpa.amsl.com [50.223.129.200]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 17309C151078; Fri, 22 Dec 2023 10:06:06 -0800 (PST)
Received: by rfcpa.amsl.com (Postfix, from userid 499) id 01840195422D; Fri, 22 Dec 2023 10:06:05 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org, irtf-announce@irtf.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, cfrg@irtf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20231222180606.01840195422D@rfcpa.amsl.com>
Date: Fri, 22 Dec 2023 10:06:05 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/irtf-announce/cwslSncacT0tyVmtMdQi_mPFMcM>
Subject: [IRTF-Announce] RFC 9497 on Oblivious Pseudorandom Functions (OPRFs) Using Prime-Order Groups
X-BeenThere: irtf-announce@irtf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: IRTF-Announce <irtf-announce.irtf.org>
List-Unsubscribe: <https://mailman.irtf.org/mailman/options/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/irtf-announce/>
List-Post: <mailto:irtf-announce@irtf.org>
List-Help: <mailto:irtf-announce-request@irtf.org?subject=help>
List-Subscribe: <https://mailman.irtf.org/mailman/listinfo/irtf-announce>, <mailto:irtf-announce-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Dec 2023 18:08:58 -0000
A new Request for Comments is now available in online RFC libraries. RFC 9497 Title: Oblivious Pseudorandom Functions (OPRFs) Using Prime-Order Groups Author: A. Davidson, A. Faz-Hernandez, N. Sullivan, C. A. Wood Status: Informational Stream: IRTF Date: December 2023 Mailbox: alex.davidson92@gmail.com, armfazh@cloudflare.com, nicholas.sullivan+ietf@gmail.com, caw@heapingbits.net Pages: 61 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-irtf-cfrg-voprf-21.txt URL: https://www.rfc-editor.org/info/rfc9497 DOI: 10.17487/RFC9497 An Oblivious Pseudorandom Function (OPRF) is a two-party protocol between a client and a server for computing the output of a Pseudorandom Function (PRF). The server provides the PRF private key, and the client provides the PRF input. At the end of the protocol, the client learns the PRF output without learning anything about the PRF private key, and the server learns neither the PRF input nor output. An OPRF can also satisfy a notion of 'verifiability', called a VOPRF. A VOPRF ensures clients can verify that the server used a specific private key during the execution of the protocol. A VOPRF can also be partially oblivious, called a POPRF. A POPRF allows clients and servers to provide public input to the PRF computation. This document specifies an OPRF, VOPRF, and POPRF instantiated within standard prime-order groups, including elliptic curves. This document is a product of the Crypto Forum Research Group (CFRG) in the IRTF. INFORMATIONAL: This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF-Announce, rfc-dist and IRTF-Announce lists.To subscribe or unsubscribe, see https://www.ietf.org/mailman/listinfo/ietf-announce https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist https://www.irtf.org/mailman/listinfo/irtf-announce For searching the RFC series, see https://www.rfc-editor.org/search For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk Requests for special distribution should be addressed to either the author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution. The RFC Editor Team Association Management Solutions, LLC