Last Updated | Ratings | Unique User Downloads | Download Rankings
---|---|---|---
2022-11-07 (11 months ago) | Not yet rated by the users | Total: 33 | All time: 10,834; This week: 200

Version | License | PHP version | Categories
---|---|---|---
ristretto-php 1.0.0 | MIT/X Consortium ... | 5 | PHP 5, Cryptography, Data types

Implements a type-safe API for working with the Ristretto Group in PHP projects.

```
composer require paragonie/ristretto
```

There are two basic types: `ScalarValue` and `GroupElement`.

The `ScalarValue` object wraps a big integer between 0 and the order of the Ristretto Group, `L`.

The `GroupElement` object wraps a group element of the Ristretto Group.

If an analogy helps, in the world of Ed25519 and X25519, the `ScalarValue` is your secret key, and `GroupElement` is your public key.

For that reason, there are also `SecretKey` and `PublicKey` classes, which contain some basic helper methods for ease of use.

You can convert from scalars to group elements with `multBase()`, and then use `scalarPointMultiply()` to perform a commutative group action (e.g. Diffie-Hellman).

```php
<?php
use ParagonIE\Ristretto\{GroupElement, ScalarValue};

$aliceSecret = ScalarValue::random();
$alicePublic = $aliceSecret->multBase();
$bobSecret = ScalarValue::random();
$bobPublic = $bobSecret->multBase();

// You can perform a similar commutative group action
$aliceToBob = $aliceSecret->scalarPointMultiply($bobPublic);
$bobToAlice = $bobSecret->scalarPointMultiply($alicePublic);
var_dump($aliceToBob->equals($bobToAlice)); // bool(true)
```

Otherwise, most operations are within a given type (GroupElement to GroupElement, ScalarValue to ScalarValue).

```php
<?php
use ParagonIE\Ristretto\{GroupElement};

$x = GroupElement::random();
$y = GroupElement::random();
$z = $x->add($y);
$w = $z->sub($y);
var_dump($w->equals($x)); // bool(true)
```

This is a PHP implementation of the libsodium example protocol.

> Perform a secure two-party computation of `f(x) = p(x)^k`. `x` is the input sent to the second party
> by the first party after blinding it using a random invertible scalar `r`, and `k` is a secret key
> only known by the second party. `p(x)` is a hash-to-group function.

```php
<?php
use ParagonIE\Ristretto\{GroupElement, ScalarValue};

// The comments use multiplicative notation; add() is the group operation.

// -------- First party -------- Send blinded p(x)
$x = random_bytes(64);
// Compute px = p(x), a group element derived from x
$px = GroupElement::fromHash($x);
// Compute a = p(x) * g^r
$r = ScalarValue::random();
$gr = $r->multBase();
$a = $px->add($gr);

// -------- Second party -------- Send g^k and a^k
$k = ScalarValue::random();
// Compute v = g^k
$v = $k->multBase();
// Compute b = a^k
$b = $k->scalarPointMultiply($a);

// -------- First party -------- Unblind f(x)
// Compute vir = v^(-r)
$ir = $r->negate();
$vir = $v->scalarPointMultiply($ir);
// Compute f(x) = b * v^(-r) = (p(x) * g^r)^k * (g^k)^(-r)
//              = p(x)^k * g^(rk) * g^(-rk) = p(x)^k
$fx = $b->add($vir);

// --------- Correctness testing -----------
// If you knew both p(x) and k, you could calculate it directly.
// Directly calculate p(x)^k with both parties' secrets
$pxk = $px->scalarPointMultiply($k);
var_dump($fx->equals($pxk)); // bool(true)
```
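
The same protocol split by party, as an added example that is not part of the package's README: it runs the exchange twice for one input to show what the second party can and cannot observe. The function names `blind()`, `evaluate()` and `unblind()`, the sample input, and the SHA-512 pre-hash are assumptions made for illustration; only the library calls already shown above are used.

```php
<?php
declare(strict_types=1);

require __DIR__ . '/vendor/autoload.php'; // assumes a Composer install

use ParagonIE\Ristretto\{GroupElement, ScalarValue};

// First party: map the input to a group element and blind it with a fresh r.
// Assumption: fromHash() is fed 64 bytes, as in the example above, so the
// input is pre-hashed with SHA-512 (64-byte raw output).
function blind(string $input): array
{
    $px = GroupElement::fromHash(hash('sha512', $input, true));
    $r = ScalarValue::random();
    // r stays with the first party; a = p(x) * g^r goes on the wire.
    return [$r, $px->add($r->multBase())];
}

// Second party: sees only the blinded element a, returns v = g^k and b = a^k.
function evaluate(ScalarValue $k, GroupElement $a): array
{
    return [$k->multBase(), $k->scalarPointMultiply($a)];
}

// First party: remove the blinding factor, f(x) = b * v^(-r).
function unblind(ScalarValue $r, GroupElement $v, GroupElement $b): GroupElement
{
    return $b->add($v->scalarPointMultiply($r->negate()));
}

$k = ScalarValue::random();          // second party's secret key
$input = 'constructed sample input'; // first party's private input (constructed)

// Two independent runs over the same input and the same key.
list($r1, $a1) = blind($input);
list($v1, $b1) = evaluate($k, $a1);
$fx1 = unblind($r1, $v1, $b1);

list($r2, $a2) = blind($input);
list($v2, $b2) = evaluate($k, $a2);
$fx2 = unblind($r2, $v2, $b2);

// What the second party received in each run: blinded with independent r.
var_dump($a1->equals($a2));
// What the first party derived in each run: a function of x and k only.
var_dump($fx1->equals($fx2));
```

Because `r` is sampled fresh per request, the two blinded elements are independent of each other even though the input is identical, while the unblinded results match; reusing `r` across requests would make repeated inputs recognisable to the second party.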