Skip to content

hpicrypto/AIF

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits

src

src

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

Repository files navigation

Authenticated Implicit Flow (AIF)

Welcome to the code repository for our PETS'23 paper:

Save The Implicit Flow? Enabling Privacy-Preserving RP Authentication in OpenID Connect.

This repository contains the implementation and benchmarks of the $\mathsf{AIF_{SIG}}$, $\mathsf{AIF_{COM}}$, and $\mathsf{AIF_{ZKP}}$ constructions, as presented in our paper. The corresponding scheme implementations can be found in the src/schemes directory.

Note that the commitment scheme $\mathsf{COM}$ utilizes Pedersen commitments, which can be accessed through the following resources:

For the multi-message signature scheme $\mathsf{MMS}$ with efficient proofs, we employ PS signatures. The related information can be accessed through the following resources:

If you utilize our code implementation or draw insights from our paper, we kindly request that you cite our work accordingly.

@inproceedings{PETS:KroLeh23,
  author    = {Maximilian Kroschewski and Anja Lehmann},
  title     = {Save The Implicit Flow? Enabling Privacy-Preserving RP Authentication in OpenID Connect},
  journal   = {Proceedings on Privacy Enhancing Technologies},
  volume    = {4},
  pages     = {96--116},
  year      = {2023}
}

Setup

To ensure a smooth experience, please make sure you have the following prerequisites installed in your environment:

  • Node.js
  • npm
  • (Optional) Docker

Follow the steps below to set up the repository:

  1. Clone this repository to your local environment.
  2. Run the command npm install to install the necessary dependencies.

Benchmark

You have the option to run the benchmarks either locally or within a Docker container. The following flags can be provided to customize the benchmark execution:

# Set the number of executions; default is 100
BENCHMARK_COUNT=1

# Use optimized proofs (AIF_ZKP only); default is 0
OPTIMIZED_PROOFS=1

# Dev-flag that excludes all RSA operations; default is 0
WITHOUT_RSA=1

Locally

Execute the benchmarks locally using the following commands:

# Example without flags
npm run benchmark

# Examples with flags
BENCHMARK_COUNT=1 OPTIMIZED_PROOFS=0 WITHOUT_RSA=0 npm run benchmark
BENCHMARK_COUNT=1 OPTIMIZED_PROOFS=1 npm run benchmark

Docker

If you prefer to use Docker, build the image first. This step is only required once:

docker build -t aif .

Run the container using the command:

docker run -e BENCHMARK_COUNT=10 -e OPTIMIZED_PROOFS=1 aif npm run benchmark

Tests

The tests for the building blocks can be found in the tests/building-blocks directory, while the tests for the schemes are located in tests/schemes. You can execute all tests by running the following command:

npm test

About

Implementation and benchmarks of the Authenticated Implicit Flow (AIF) constructions.

Resources

Readme

License

BSD-3-Clause license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages