// Copyright 2020 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
syntax = "proto3";
option optimize_for = LITE_RUNTIME;
package private_membership;
option go_package = "github.com/google/private-membership";
// An enum describing different types of available hash functions.
enum HashType {
HASH_TYPE_UNDEFINED = 0;
TEST_HASH_TYPE = 1;
SHA256 = 2;
reserved 3;
// Add more hash types if necessary.
}
// LINT.IfChange
// An enum describing how to hash IDs to encrypted buckets.
enum EncryptedBucketHashType {
ENCRYPTED_BUCKET_HASH_TYPE_UNDEFINED = 0;
ENCRYPTED_BUCKET_TEST_HASH_TYPE = 3;
// Use SHA256 of injective concatenation of non-sensitive and sensitive IDs.
// For backwards compatibility, this hash type should be used if this proto
// field is not specified.
SHA256_NON_SENSITIVE_AND_SENSITIVE_ID = 1;
reserved 2;
}
// LINT.ThenChange(//depot/google3/privacy/private_membership/rlwe/shared/rlwe_id_utils_test.cc:encrypted_bucket_hash_types)
// A proto message that holds the doubly encrypted identifier.
message DoublyEncryptedId {
// The identifier encrypted using the elliptic curve commutative
// cipher under an ephemeral key generated by the client that was sent in
// the request.
bytes queried_encrypted_id = 1;
// The double encryption of a client requested identifier. The encryption
// scheme used is the Elliptic Curve commutation cipher. The
// first encryption layer uses the client's ephemeral key while the second
// encryption layer uses the server's match key.
//
// The client will decrypt this field to get their queried identifier
// encrypted under only the server's key. The client will use this value to
// match with the contents of the encrypted bucket to determine if there is a
// match or not.
bytes doubly_encrypted_id = 2;
}
// A proto message used to store the plaintext response of a membership query of
// a single identifier.
message MembershipResponse {
// True if and only if the queried identifier was a member.
bool is_member = 1;
// The associated value if the queried identifier was a member. If the
// queried identifier is not a member, the value will be an empty string.
string value = 2;
}
Codebase Browser
chromium