Kind: global class
this: {MPIN256}
Creates an instance of MPIN256
Get epoch time for day
Kind: static method of MPIN256
Returns: time in slots since epoch
this: {MPIN256}
Convert byte array to string
Kind: static method of MPIN256
Returns: s string
this: {MPIN256}
Param | Description |
---|---|
b | byte array |
Convert a string to byte array
Kind: static method of MPIN256
Returns: b byte array
this: {MPIN256}
Param | Description |
---|---|
s | string |
Convert byte arrays
Kind: static method of MPIN256
Returns: true if equal
this: {MPIN256}
Param | Description |
---|---|
a | byte array |
b | byte array |
Hash values
Kind: static method of MPIN256
Returns: R hash value
this: {MPIN256}
Param | Description |
---|---|
c | FP8 instance |
U | ECP unstancebyte array |
General purpose hash function
Kind: static method of MPIN256
Returns: R hash value
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
n | Integer |
B | byte array |
maps a random u to a point on the curve
Kind: static method of MPIN256
Returns: P ECP pointhash value
this: {MPIN256}
Param | Description |
---|---|
u | BIG numberInteger |
cb | an integer representing the “sign” of y, in fact its least significant bit. |
returns u derived from P. Random value in range 1 to return value should then be added to u
Kind: static method of MPIN256
Returns: r Value that should be added to u to derive P
this: {MPIN256}
Param | Description |
---|---|
u | BIG numberInteger |
P | ECP pointhash value |
Add two members from the group G1
Kind: static method of MPIN256
Returns: 0 or an error code
this: {MPIN256}
Param | Description |
---|---|
R1 | Input member of G1 |
R2 | Input member of G1 |
R | Output member of G1. R=R1+R2 |
Add two members from the group G2
Kind: static method of MPIN256
Returns: 0 or an error code
this: {MPIN256}
Param | Description |
---|---|
W1 | Input member of G2 |
W2 | Input member of G2 |
W | Output member of G2. W=W1+W2 |
Hash the identity
Kind: static method of MPIN256
Returns: hash value
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
ID | Identity as byte array |
Create random secret
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
rng | cryptographically secure random number generator |
S | Random secret value |
Extract a PIN number from a client secret
Kind: static method of MPIN256
Returns: token
this: {MPIN256}
Parameter: sha hash type
Parameter: CID Client identity
Parameter: pin PIN value
Parameter: TOKEN Client secret
Extract factor from TOKEN for identity CID
Kind: static method of MPIN256
Returns: token
this: {MPIN256}
Parameter: sha hash type
Parameter: CID Client identity
Parameter: factor Value to extract
Parameter: facbits Number of bits in factor
Parameter: TOKEN Token value
Restore factor to TOKEN for identity CID
Kind: static method of MPIN256
Returns: token
this: {MPIN256}
Parameter: sha hash type
Parameter: CID Client identity
Parameter: factor Value to extract
Parameter: facbits Number of bits in factor
Parameter: TOKEN Token value
Create a server secret in G2 from a master secret
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
S | Master secret |
SST | Server secret = s.Q where Q is a fixed generator of G2 |
Find a random multiple of a point in G1
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Parameter: rng cryptographically secure random number generator
Param | Description |
---|---|
type | determines type of action to be taken |
x | an output internally randomly generated if R!=NULL, otherwise must be provided as an input |
G | if type=0 a point in G1, else an octet to be mapped to G1 |
W | the output =x.G or x.M(G), where M(.) is a mapping |
Create a client secret in G1 from a master secret and the client ID
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
S | is an input master secret |
CID | is the input client identity |
CST | is the full client secret = s.H(ID) |
Create a Time Permit in G1 from a master secret and the client ID
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
date | is input date, in days since the epoch. |
S | is an input master secret |
CID | is the input client identity |
CTT | is a Time Permit for the given date = s.H(d |
Perform first pass of the client side of the 3-pass version of the M-Pin protocol
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
date | is input date, in days since the epoch. Set to 0 if Time permits disabled |
CLIENT_ID | is the input client identity |
rng | is a pointer to a cryptographically secure random number generator |
X | an output internally randomly generated if R!=NULL, otherwise must be provided as an input |
pin | is the input PIN number |
TOKEN | is the input M-Pin token (the client secret with PIN portion removed) |
SEC | is output = CS+TP, where CS=is the reconstructed client secret, and TP is the time permit |
xID | is output = x.H(ID) |
xCID | is output = x.(H(ID)+H(d |
PERMIT | is the input time permit |
Perform second pass of the client side of the 3-pass version of the M-Pin protocol
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
X | an input, a locally generated random number |
Y | an input random challenge from the server |
SEC | on output = -(x+y).V |
Perform first pass of the server side of the 3-pass version of the M-Pin protocol
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
date | is input date, in days since the epoch. Set to 0 if Time permits disabled |
CID | is the input claimed client identity |
HID | is output H(ID), a hash of the client ID |
HTID | is output H(ID)+H(d |
Perform third pass on the server side of the 3-pass version of the M-Pin protocol
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
date | is input date, in days since the epoch. Set to 0 if Time permits disabled |
HID | is input H(ID), a hash of the client ID |
HTID | is input H(ID)+H(d |
Y | is the input server's randomly generated challenge |
SST | is the input server secret |
xID | is input from the client = x.H(ID) |
xCID | is input from the client= x.(H(ID)+H(d |
mSEC | is an input from the client |
E | is an output to help the Kangaroos to find the PIN error, or NULL if not required |
F | is an output to help the Kangaroos to find the PIN error, or NULL if not required |
Pa | is the input public key from the client, z.Q or NULL if the client uses regular mpin |
Use Kangaroos to find PIN error
Kind: static method of MPIN256
Returns: 0 if Kangaroos failed, or the PIN error e
this: {MPIN256}
Param | Description |
---|---|
E | a member of the group GT |
F | a member of the group GT = E^e |
Time since epoch
Kind: static method of MPIN256
Returns: time since epoch
this: {MPIN256}
Perform client side of the one-pass version of the M-Pin protocol
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
date | is input date, in days since the epoch. Set to 0 if Time permits disabled |
CLIENT_ID | is the input client identity |
rng | is a pointer to a cryptographically secure random number generator |
X | an output internally randomly generated if R!=NULL, otherwise must be provided as an input |
pin | is the input PIN number |
TOKEN | is the input M-Pin token (the client secret with PIN portion removed) |
SEC | is output = -(x+y)(CS+TP), where CS is the reconstructed client secret, and TP is the time permit |
xID | is output = x.H(ID) |
xCID | is output = x.(H(ID)+H(d |
PERMIT | is the input time permit |
TimeValue | is input epoch time in seconds - a timestamp |
Y | is output H(t |
Message | is the message to be signed |
Perform server side of the one-pass version of the M-Pin protocol
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
date | is input date, in days since the epoch. Set to 0 if Time permits disabled |
HID | is output H(ID), a hash of the client ID |
HTID | is output H(ID)+H(d |
Y | is output H(t |
SST | is the input server secret |
xID | is input from the client = x.H(ID) |
xCID | is input from the client= x.(H(ID)+H(d |
mSEC | is an input from the client |
E | is an output to help the Kangaroos to find the PIN error, or NULL if not required |
F | is an output to help the Kangaroos to find the PIN error, or NULL if not required |
CID | is the input claimed client identity |
TimeValue | is input epoch time in seconds - a timestamp |
MESSAGE | is the message to be signed |
Pa | is input from the client z.Q or NULL if the key-escrow less scheme is not used |
Precompute values for use by the client side of M-Pin Full
Kind: static method of MPIN256
Returns: O for success or else error code
this: {MPIN256}
Param | Description |
---|---|
TOKEN | is the input M-Pin token (the client secret with PIN portion removed) |
CID | is the input client identity |
G1 | precomputed output |
G2 | precomputed output |
Hash the session transcript
Kind: static method of MPIN256
Returns: H the output is the hash of all of the above that apply
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
HID | is the hashed input client ID = H(ID) |
xID | is the client output = x.H(ID) |
xCID | is the client output = x.(H(ID)+H(T |
SEC | is the client part response |
Y | is the server challenge |
R | is the client part response |
W | is the server part response |
Calculate Key on Client side for M-Pin Full
Kind: static method of MPIN256
Returns: 0 or an error code
this: {MPIN256}
Param | Description |
---|---|
sha | is the hash type |
G1 | precomputed input |
G2 | precomputed input |
pin | is the input PIN number |
R | is an input, a locally generated random number |
X | is an input, a locally generated random number |
H | is an input, hash of the protocol transcript |
wCID | is the input Server-side Diffie-Hellman component |
CK | is the output calculated shared key |
Calculate Key on Server side for M-Pin Full
Kind: static method of MPIN256
Returns: 0 or an error code
this: {MPIN256}
Param | Description |
---|---|
h | is the hash type |
Z | is the input Client-side Diffie-Hellman component |
SST | is the input server secret |
W | is an input random number generated by the server |
H | is an input, hash of the protocol transcript |
HID | is the hashed input client ID = H(ID) |
xID | is input from the client = x.H(ID) |
xCID | is input from the client= x.(H(ID)+H(d |
SK | is the output calculated shared key |
Generates a random public key for the client z.Q
Kind: static method of MPIN256
Returns: 0 or an error code
this: {MPIN256}
Param | Description |
---|---|
rng | cryptographically secure random number generator |
Z | an output internally randomly generated if R!=NULL, otherwise it must be provided as an input |
Pa | the output public key for the client |