Removing idU from RegistrationRequest and CredentialRequest

Author: kevinlewi

src/opaque.rs

@@ -33,8 +33,6 @@ use zeroize::Zeroize;
 
 /// The message sent by the client to the server, to initiate registration
 pub struct RegisterFirstMessage<Grp> {
-    /// User identity
-    id_u: Vec<u8>,
     /// blinded password information
     alpha: Grp,
 }
@@ -43,29 +41,25 @@ impl<Grp: Group> TryFrom<&[u8]> for RegisterFirstMessage<Grp> {
     type Error = ProtocolError;
     fn try_from(first_message_bytes: &[u8]) -> Result<Self, Self::Error> {
         let elem_len = Grp::ElemLen::to_usize();
-        let checked_slice =
-            check_slice_size_atleast(first_message_bytes, elem_len, "first_message_bytes")?;
-
-        let id_u = checked_slice[..checked_slice.len() - elem_len].to_vec();
+        let checked_slice = check_slice_size(first_message_bytes, elem_len, "first_message_bytes")?;
 
         // Check that the message is actually containing an element of the
         // correct subgroup
         let arr = GenericArray::from_slice(&checked_slice[checked_slice.len() - elem_len..]);
         let alpha = Grp::from_element_slice(arr)?;
-        Ok(Self { id_u, alpha })
+        Ok(Self { alpha })
     }
 }
 
 impl<Grp: Group> RegisterFirstMessage<Grp> {
     /// Byte representation for the registration request
     pub fn to_bytes(&self) -> Vec<u8> {
-        [&self.id_u[..], &self.alpha.to_arr().to_vec()[..]].concat()
+        self.alpha.to_arr().to_vec()
     }
 
     /// Serialization into bytes
     pub fn serialize(&self) -> Vec<u8> {
         let mut registration_request: Vec<u8> = Vec::new();
-        registration_request.extend_from_slice(&serialize(&self.id_u, 2));
         registration_request.extend_from_slice(&serialize(&self.alpha.to_arr(), 2));
 
         let mut output: Vec<u8> = Vec::new();
@@ -87,9 +81,7 @@ impl<Grp: Group> RegisterFirstMessage<Grp> {
         if !remainder.is_empty() {
             return Err(PakeError::SerializationError.into());
         }
-
-        let (id_u, remainder) = tokenize(data, 2)?;
-        let (alpha_bytes, remainder) = tokenize(remainder, 2)?;
+        let (alpha_bytes, remainder) = tokenize(data, 2)?;
 
         if !remainder.is_empty() {
             return Err(PakeError::SerializationError.into());
@@ -104,7 +96,7 @@ impl<Grp: Group> RegisterFirstMessage<Grp> {
         // correct subgroup
         let arr = GenericArray::from_slice(checked_slice);
         let alpha = Grp::from_element_slice(arr)?;
-        Ok(Self { id_u, alpha })
+        Ok(Self { alpha })
     }
 }
 
@@ -316,8 +308,6 @@ where
 
 /// The message sent by the user to the server, to initiate registration
 pub struct LoginFirstMessage<CS: CipherSuite> {
-    /// User identity
-    id_u: Vec<u8>,
     /// blinded password information
     alpha: CS::Group,
     ke1_message: <CS::KeyExchange as KeyExchange<CS::Hash, CS::KeyFormat>>::KE1Message,
@@ -339,7 +329,6 @@ impl<CS: CipherSuite> LoginFirstMessage<CS> {
     /// Serialization into bytes
     pub fn serialize(&self) -> Vec<u8> {
         let mut credential_request: Vec<u8> = Vec::new();
-        credential_request.extend_from_slice(&serialize(&self.id_u, 2));
         credential_request.extend_from_slice(&serialize(&self.alpha.to_arr(), 2));
 
         let mut output: Vec<u8> = Vec::new();
@@ -356,9 +345,7 @@ impl<CS: CipherSuite> LoginFirstMessage<CS> {
         }
 
         let (data, ke1m) = tokenize(input[1..].to_vec(), 3)?;
-
-        let (id_u, remainder) = tokenize(data, 2)?;
-        let (alpha_bytes, remainder) = tokenize(remainder, 2)?;
+        let (alpha_bytes, remainder) = tokenize(data, 2)?;
 
         if !remainder.is_empty() {
             return Err(PakeError::SerializationError.into());
@@ -374,11 +361,7 @@ impl<CS: CipherSuite> LoginFirstMessage<CS> {
                 &ke1m[..],
             )?;
 
-        Ok(Self {
-            id_u,
-            alpha,
-            ke1_message,
-        })
+        Ok(Self { alpha, ke1_message })
     }
 }
 
@@ -612,10 +595,7 @@ impl<CS: CipherSuite> ClientRegistration<CS> {
         )?;
 
         Ok((
-            RegisterFirstMessage::<CS::Group> {
-                id_u: user_name.to_vec(),
-                alpha,
-            },
+            RegisterFirstMessage::<CS::Group> { alpha },
             Self {
                 id_u: user_name.to_vec(),
                 id_s: server_name.to_vec(),
@@ -1069,11 +1049,7 @@ impl<CS: CipherSuite> ClientLogin<CS> {
 
         let (ke1_state, ke1_message) = CS::KeyExchange::generate_ke1(alpha.to_arr().to_vec(), rng)?;
 
-        let l1 = LoginFirstMessage {
-            id_u: user_name.to_vec(),
-            alpha,
-            ke1_message,
-        };
+        let l1 = LoginFirstMessage { alpha, ke1_message };
 
         Ok((
             l1,

src/serialization/tests.rs

@@ -112,19 +112,12 @@ fn register_first_message_roundtrip() {
     let pt = random_ristretto_point();
     let pt_bytes = pt.to_arr().to_vec();
 
-    let mut rng = OsRng;
-    let id_length: usize = rng.gen_range(0, MAX_ID_LENGTH);
-    let mut id = [0u8; MAX_ID_LENGTH];
-    rng.fill_bytes(&mut id);
-
     let alpha_length: usize = 32;
-    let total_length: usize = alpha_length + id_length + 4;
+    let total_length: usize = alpha_length + 2;
 
     let mut input = Vec::new();
     input.extend_from_slice(&[ProtocolMessageType::RegistrationRequest as u8 + 1]);
     input.extend_from_slice(&total_length.to_be_bytes()[8 - 3..]);
-    input.extend_from_slice(&id_length.to_be_bytes()[8 - 2..]);
-    input.extend_from_slice(&id[..id_length]);
     input.extend_from_slice(&alpha_length.to_be_bytes()[8 - 2..]);
     input.extend_from_slice(pt_bytes.as_slice());
 
@@ -196,9 +189,6 @@ fn login_first_message_roundtrip() {
     let mut rng = OsRng;
     let alpha = random_ristretto_point();
     let alpha_bytes = alpha.to_arr().to_vec();
-    let id_length: usize = rng.gen_range(0, MAX_ID_LENGTH);
-    let mut id = [0u8; MAX_ID_LENGTH];
-    rng.fill_bytes(&mut id);
 
     let client_e_kp = Default::generate_random_keypair(&mut rng).unwrap();
     let mut client_nonce = [0u8; NONCE_LEN];
@@ -207,13 +197,11 @@ fn login_first_message_roundtrip() {
     let ke1m: Vec<u8> = [&client_nonce[..], &client_e_kp.public()].concat();
 
     let alpha_length = alpha_bytes.len();
-    let total_length_without_ke1m: usize = id_length + alpha_length + 4;
+    let total_length_without_ke1m: usize = alpha_length + 2;
 
     let mut input = Vec::new();
     input.extend_from_slice(&[ProtocolMessageType::CredentialRequest as u8 + 1]);
     input.extend_from_slice(&total_length_without_ke1m.to_be_bytes()[8 - 3..]);
-    input.extend_from_slice(&id_length.to_be_bytes()[8 - 2..]);
-    input.extend_from_slice(&id[..id_length]);
     input.extend_from_slice(&alpha_length.to_be_bytes()[8 - 2..]);
     input.extend_from_slice(&alpha_bytes);
     input.extend_from_slice(&ke1m[..]);

src/tests/opaque_ke_test.rs

@@ -65,35 +65,35 @@ pub struct TestVectorParameters {
 
 static TEST_VECTOR: &str = r#"
 {
-    "client_s_pk": "7489b55c78b380db87d664178e5a020eb2f9bbeac0a44f6fb034ccba8de4a934",
-    "client_s_sk": "f0499a6c8bac723debd497b672c2d89ed2d96fd190fce247e0dd3019dce8ec59",
-    "client_e_pk": "c87afc8a9dc82c93dc6fa9d27654c6b909de929e542e94a87ffb7b3256190a46",
-    "client_e_sk": "107078f8e2ddd88c3d37e611ae932d798403e475f52a6695639999f963063576",
-    "server_s_pk": "764f186883a88353586c2427bfbe0ff3e5a0f56af414b0c42a5a300fc426ba4d",
-    "server_s_sk": "c089cb11e78ea8923cc25857ba51fd5da820079a9a2b377bc87dcd496b563e5c",
-    "server_e_pk": "05d99649994c006a508b996d11a94f52ae68cca44087bdd69602dfceb92d950c",
-    "server_e_sk": "70c4df069c1a7b70c16cf6409157674c3f8adfd0919f9dd67a254cf167c7e87f",
+    "client_s_pk": "e7dce23c92339bf0719c2faaa25d9b32997501316552241661331ddb2d621d0f",
+    "client_s_sk": "88a85d87f7a6afbcd26c3a44e9c6d6e8b2e66f5f8bc50ab2043e499088bb6c72",
+    "client_e_pk": "a05e21d85c342f5c53f9a048d63a9a04f9d1cef364011963dcdb66dc76c5a752",
+    "client_e_sk": "80de26e3c0fd87c860030bb600b0a8b33eba54c02e243b4584137da648c5847a",
+    "server_s_pk": "1766e2000c0914af7431de8c7ae8757eb2c974006dc7d9fe037cbb1569665a64",
+    "server_s_sk": "d86b6db7d70be0a6155e5f4f1a1047b55a0fde382115e4ad524b34edf3bf4b60",
+    "server_e_pk": "0a7b46933a6a86942f89eadac7bda1e513ce97776f4e7e65127f2685bc3f250b",
+    "server_e_sk": "483b9af7dbce61f734bc824acc892ff5a3c655f29e0ba129eb24ae3ae944a56d",
     "id_u": "696455",
     "id_s": "696453",
     "password": "70617373776f7264",
-    "blinding_factor": "c5629094a160136e99012cf9c8eb19d9d62f87cadf846636bd175064a78b2d00",
-    "oprf_key": "f431dcb851f3c8202b9dd1a06d8d32434bbab88de4fdd079452faf2359a8d408",
-    "envelope_nonce": "be38985f7e04dab53e0bddf32cc9eeb64d7f072e089650b681ba4bb04bcfaeb2",
-    "client_nonce": "0c51879d4ae4cbd047fbf1ba9c7512c25c8d809486f5e6018dff8c525d9f41f1",
-    "server_nonce": "c896afa11787f8374bbeb3876151bcf4b75c9511a70be3dddce7606a353f3bc3",
-    "r1": "01000027000369645500201d540787a850896d3c7407e5a2c17729772170dae61640872aeca109d64d4581",
-    "r2": "02000028002033f9c4bdfe3d2597cbf0c86db2b0b3e81a4400ad4c9618372f6e24d89229d9a4000001010103",
-    "r3": "030000aebe38985f7e04dab53e0bddf32cc9eeb64d7f072e089650b681ba4bb04bcfaeb20023441a15c5ccbbf863e0db5e03c6edc63696b05d83a66e4aa3e10aa1320936fe8357bc250023030020764f186883a88353586c2427bfbe0ff3e5a0f56af414b0c42a5a300fc426ba4d00208229fa7e73d11f6935de9d5aae17ab5ec77d6cff8d8456437a8098bb54aa9b9300207489b55c78b380db87d664178e5a020eb2f9bbeac0a44f6fb034ccba8de4a934",
-    "l1": "04000027000369645500201d540787a850896d3c7407e5a2c17729772170dae61640872aeca109d64d45810c51879d4ae4cbd047fbf1ba9c7512c25c8d809486f5e6018dff8c525d9f41f1c87afc8a9dc82c93dc6fa9d27654c6b909de929e542e94a87ffb7b3256190a46",
-    "l2": "050000ae002033f9c4bdfe3d2597cbf0c86db2b0b3e81a4400ad4c9618372f6e24d89229d9a4be38985f7e04dab53e0bddf32cc9eeb64d7f072e089650b681ba4bb04bcfaeb20023441a15c5ccbbf863e0db5e03c6edc63696b05d83a66e4aa3e10aa1320936fe8357bc250023030020764f186883a88353586c2427bfbe0ff3e5a0f56af414b0c42a5a300fc426ba4d00208229fa7e73d11f6935de9d5aae17ab5ec77d6cff8d8456437a8098bb54aa9b9370c4df069c1a7b70c16cf6409157674c3f8adfd0919f9dd67a254cf167c7e87f05d99649994c006a508b996d11a94f52ae68cca44087bdd69602dfceb92d950cbd9f8a529e49110d4bfe863d449663b0cda71ba29e0aa46f63bbc7b6b054ad8c",
-    "l3": "6ba92c16abdd010bc8e9a5175d639512f8b270767d4b7198d03a985935e7da6d",
-    "client_registration_state": "00036964550003696453c5629094a160136e99012cf9c8eb19d9d62f87cadf846636bd175064a78b2d0070617373776f7264",
-    "client_login_state": "00036964550003696453c5629094a160136e99012cf9c8eb19d9d62f87cadf846636bd175064a78b2d00107078f8e2ddd88c3d37e611ae932d798403e475f52a6695639999f9630635760c51879d4ae4cbd047fbf1ba9c7512c25c8d809486f5e6018dff8c525d9f41f123c1c83fbf2a84c442b079fcacff55b13a4aebf9ba326e992c83b550afbb0c8770617373776f7264",
-    "server_registration_state": "f431dcb851f3c8202b9dd1a06d8d32434bbab88de4fdd079452faf2359a8d408",
-    "server_login_state": "72486032f6ff6f079144a891fdcb5ca63ede147f327313437c6bf2fd79d08b1faf03840b6c031f7afb66e2740ae064fc140c9aec2ac42295a6d1201d6ad5cdc641d81a7e3805c996ff9fb15fbcd4eddb528a3622f0f4488bca04bace6d740ee3",
-    "password_file": "f431dcb851f3c8202b9dd1a06d8d32434bbab88de4fdd079452faf2359a8d4087489b55c78b380db87d664178e5a020eb2f9bbeac0a44f6fb034ccba8de4a934be38985f7e04dab53e0bddf32cc9eeb64d7f072e089650b681ba4bb04bcfaeb20023441a15c5ccbbf863e0db5e03c6edc63696b05d83a66e4aa3e10aa1320936fe8357bc250023030020764f186883a88353586c2427bfbe0ff3e5a0f56af414b0c42a5a300fc426ba4d00208229fa7e73d11f6935de9d5aae17ab5ec77d6cff8d8456437a8098bb54aa9b93",
-    "export_key": "c2bc61bafeb9ab541fa362dc154c7a07dab8479e486da2daf9408438d9dc562f",
-    "shared_secret": "41d81a7e3805c996ff9fb15fbcd4eddb528a3622f0f4488bca04bace6d740ee3"
+    "blinding_factor": "803739feafc45969f9be5a6ab6ea0cbc8c6ee5144bc7ce83b6f8acb77e160c04",
+    "oprf_key": "288b3f25582a4d5f1a775442805a44b77266430e90124e288176d56eaadabd05",
+    "envelope_nonce": "6ed65068854948760f5e23042e1f64614382828206ac24389addb709beb2df5d",
+    "client_nonce": "1642c14481e4d3822ca5e038696f86b133c2a3c28bc0c4ee2f6e10305443c5dc",
+    "server_nonce": "d7d2f3b5257e67742d8449cf66eca9b9ea89dc9aa811e71806ebf309e6e27a87",
+    "r1": "01000022002074b8033d642dfcf0cec75df539801d3fe9262919bd8fd2cd742c3ec211522ffe",
+    "r2": "02000028002048e74c2b17750b3875d80688c9217c10df421dbcec56f35f79cccc1085f3f2a8000001010103",
+    "r3": "030000ae6ed65068854948760f5e23042e1f64614382828206ac24389addb709beb2df5d00235c8cbe660578c0a07a0be2ffad5c638a9d80dfab9323c3f2f51b15100bdf6a5116506b00230300201766e2000c0914af7431de8c7ae8757eb2c974006dc7d9fe037cbb1569665a64002008f76f5e11b480be387407b920479273fc7e039edba805b55aa1e2d72965796a0020e7dce23c92339bf0719c2faaa25d9b32997501316552241661331ddb2d621d0f",
+    "l1": "04000022002074b8033d642dfcf0cec75df539801d3fe9262919bd8fd2cd742c3ec211522ffe1642c14481e4d3822ca5e038696f86b133c2a3c28bc0c4ee2f6e10305443c5dca05e21d85c342f5c53f9a048d63a9a04f9d1cef364011963dcdb66dc76c5a752",
+    "l2": "050000ae002048e74c2b17750b3875d80688c9217c10df421dbcec56f35f79cccc1085f3f2a86ed65068854948760f5e23042e1f64614382828206ac24389addb709beb2df5d00235c8cbe660578c0a07a0be2ffad5c638a9d80dfab9323c3f2f51b15100bdf6a5116506b00230300201766e2000c0914af7431de8c7ae8757eb2c974006dc7d9fe037cbb1569665a64002008f76f5e11b480be387407b920479273fc7e039edba805b55aa1e2d72965796a483b9af7dbce61f734bc824acc892ff5a3c655f29e0ba129eb24ae3ae944a56d0a7b46933a6a86942f89eadac7bda1e513ce97776f4e7e65127f2685bc3f250b4968264f94572d261ce8a3df0f83ecd0e022c6ca0c3ee6ba54a8fc5f283ca698",
+    "l3": "30b74db9252e8e2219bb2a0d0708a10b6eac6fee0c2c8ae754062e993ecd18d4",
+    "client_registration_state": "00036964550003696453803739feafc45969f9be5a6ab6ea0cbc8c6ee5144bc7ce83b6f8acb77e160c0470617373776f7264",
+    "client_login_state": "00036964550003696453803739feafc45969f9be5a6ab6ea0cbc8c6ee5144bc7ce83b6f8acb77e160c0480de26e3c0fd87c860030bb600b0a8b33eba54c02e243b4584137da648c5847a1642c14481e4d3822ca5e038696f86b133c2a3c28bc0c4ee2f6e10305443c5dcbafb8dcb23578e52a981d66816d55659b49caf268dce519d190b42571ff031b570617373776f7264",
+    "server_registration_state": "288b3f25582a4d5f1a775442805a44b77266430e90124e288176d56eaadabd05",
+    "server_login_state": "94a3839f257cac066c706a4086516f9bf3f99108309f0d7e3d8423cb716ad6544682fc2f3d3e719931c16f6b4befe0438b8daaff99bd21ce2306ea23882f208d7e482d1a199d47861c103f6d0859e4b9a13375a97901f9f1c9d75bbaf52f43b1",
+    "password_file": "288b3f25582a4d5f1a775442805a44b77266430e90124e288176d56eaadabd05e7dce23c92339bf0719c2faaa25d9b32997501316552241661331ddb2d621d0f6ed65068854948760f5e23042e1f64614382828206ac24389addb709beb2df5d00235c8cbe660578c0a07a0be2ffad5c638a9d80dfab9323c3f2f51b15100bdf6a5116506b00230300201766e2000c0914af7431de8c7ae8757eb2c974006dc7d9fe037cbb1569665a64002008f76f5e11b480be387407b920479273fc7e039edba805b55aa1e2d72965796a",
+    "export_key": "e7a3827bf6f1404ecb210fde8bab2367daa0ae206b959f981816cef02f931d81",
+    "shared_secret": "7e482d1a199d47861c103f6d0859e4b9a13375a97901f9f1c9d75bbaf52f43b1"
 }
 "#;