privacybydesign / gabi
Implementation of the Idemix attribute based credential scheme used in IRMA
License: BSD 3-Clause "New" or "Revised" License
In Go, neither modular exponentiation, multiplication nor gcd is constant time, and thus they can aid an attacker in recovering sensitive information.
In gabi, in most instances there is a random element in the functions using the non-constant-time arithmetic; thus if an attacker is only able to invoke and measure the gabi function (for example over the network), the measurements all carry considerable noise due to the random elements, and most of the time the sample size is limited to one, since the random element is unique for each invocation. Such an attacker therefore has a negligible chance of succeeding. However, an attacker hosted on the same CPU, who can make more precise measurements targeting only the exp/mul/gcd without the added noise around them, has a good chance of exploiting this. It is thus recommended to implement (and possibly upstream) constant-time exp/gcd arithmetic.
One instance of timing sensitive mul is when the modulus n is being computed from the issuer's secret key q' and p' by multiplying them. Since these two values are not needed for anything else, it is recommended to replace them with the calculated value of n and thus eliminate both the multiplication and the storing of them altogether.
The secret key of the issuer and the private attributes of the prover are not protected in RAM from being swapped to disk, and they are not sanitized after they are no longer needed; thus they can linger for an attacker with an appropriate info leak vulnerability to extract this information. It is recommended to use memguard (https://spacetime.dev/memory-security-go) to store all sensitive information and to limit any kind of exposure to info leaks.
Each user has one "record" stored at the keyshare server, and this record is accessed every time the user shows their credentials. Thus even an honest-but-curious server can learn when a user shows their credentials. In the worst case this can lead to time correlation attacks and break anonymity/unlinkability. Furthermore, the keyshare server learns the IP address of the user.
The keyshare server breaks decentralization of the protocol and acts as a possible target for DoS attacks, with the result that none of the users will be able to show their credentials.
In ./gabi/keys.go, func (privk *PrivateKey) WriteToFile() writes the private key to a file; permissions are either not set at all or set to 0666, which is very lax.
Recommendation: change the access rights to 0600.
In file keys.go:315, in the function func (pubk *PublicKey) WriteToFile(filename string, forceOverwrite bool) (int64, error):
os.OpenFile(filename, os.O_RDWR|os.O_CREATE|os.O_EXCL, 0666)
This makes it trivially easy for an attacker to change the public keys to values controlled by them.
Recommendation: change this to 0644.
The deserialization functions NewPrivateKeyFrom...() in gabi/keys.go do not do any sanity checks; loaded keys can be bogus: non-safe primes, composites, etc.
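As an added illustration of the sanity checks the previous finding asks for (this is example code, not gabi's own deserializer), the following Go snippet validates a loaded issuer key: both primes must be safe primes, they must differ, and the advertised modulus must equal their product. The loadedKey struct and its field names are assumptions standing in for whatever the real deserializer returns; the toy values are constructed.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// loadedKey is a hypothetical stand-in for the fields a deserialised Idemix
// issuer key carries; it is not gabi's own PrivateKey type.
type loadedKey struct {
	P, Q *big.Int // the two safe primes
	N    *big.Int // modulus the matching public key advertises, expected to be P*Q
}

var errBadKey = errors.New("private key failed sanity checks")

// isSafePrime reports whether p is an odd probable prime and (p-1)/2 is prime too.
// Caveat from the Go docs: ProbablyPrime is not a guarantee against numbers crafted
// by an adversary to fool the test, so treat this as a sanity check, not a proof.
func isSafePrime(p *big.Int) bool {
	if p.Sign() <= 0 || p.Bit(0) == 0 || !p.ProbablyPrime(64) {
		return false
	}
	pPrime := new(big.Int).Rsh(new(big.Int).Sub(p, big.NewInt(1)), 1)
	return pPrime.ProbablyPrime(64)
}

// validateLoadedKey rejects what a blind deserialiser would accept: missing fields,
// composites, primes that are not safe primes, P == Q, and an N that is not P*Q.
func validateLoadedKey(k *loadedKey) error {
	if k == nil || k.P == nil || k.Q == nil || k.N == nil {
		return fmt.Errorf("%w: missing field", errBadKey)
	}
	if !isSafePrime(k.P) || !isSafePrime(k.Q) {
		return fmt.Errorf("%w: P and Q must be safe primes", errBadKey)
	}
	if k.P.Cmp(k.Q) == 0 {
		return fmt.Errorf("%w: P and Q must differ", errBadKey)
	}
	if new(big.Int).Mul(k.P, k.Q).Cmp(k.N) != 0 {
		return fmt.Errorf("%w: N is not P*Q", errBadKey)
	}
	return nil
}

func main() {
	// Constructed toy values: 23 = 2*11+1 and 47 = 2*23+1 are safe primes; 13 is prime but (13-1)/2 = 6 is not.
	good := &loadedKey{P: big.NewInt(23), Q: big.NewInt(47), N: big.NewInt(1081)}
	notSafe := &loadedKey{P: big.NewInt(13), Q: big.NewInt(47), N: big.NewInt(611)}
	fmt.Println(validateLoadedKey(good), validateLoadedKey(notSafe))
}
```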