Initial commit

.github/workflows/qc.yml

@@ -0,0 +1,91 @@
+name: "Pre-merge Quality-Control"
+on:
+  push:
+    branches: [main]
+  pull_request:
+    branches: [main]
+  workflow_dispatch:
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    name: "Test"
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.cargo/git
+            ~/.cargo/registry
+            target/
+          key: ${{ runner.os }}-${{ steps.rust-install.outputs.rustc_hash}}-cargo
+
+      - name: Run testsuite
+        run: |
+          cargo test
+
+  qc:
+    runs-on: ubuntu-latest
+    name: "Quality Control"
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install rust
+        id: rust-install
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          components: rustfmt, clippy
+
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.cargo/git
+            ~/.cargo/registry
+            target/
+          key: ${{ runner.os }}-${{ steps.rust-install.outputs.rustc_hash}}-cargo
+
+      - name: Check formatting
+        run: |
+          cargo fmt --check
+
+      - name: Consult Clippy
+        run: |
+          cargo clippy -- -D warnings
+
+  bench:
+    runs-on: ubuntu-latest
+    name: "Benchmarks"
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install rust
+        id: rust-install
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+          components: rustfmt, clippy
+
+      # We deliberately use a separate cache for this job, so that we can
+      # get consistent comparisons with previous runs, without other jobs'
+      # caching possibly squashing that
+      - uses: actions/cache@v2
+        with:
+          path: |
+            ~/.cargo/git
+            ~/.cargo/registry
+            target/
+          key: ${{ runner.os }}-${{ steps.rust-install.outputs.rustc_hash}}-cargo-criterion
+
+      - name: Measure
+        run: |
+          cargo bench

.github/workflows/release.yml

@@ -0,0 +1,33 @@
+name: "Release to crates.io"
+on:
+  release:
+    types: [created]
+  workflow_dispatch:
+
+jobs:
+  upload:
+    runs-on: ubuntu-latest
+    name: "Upload"
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Install rust
+        uses: actions-rs/toolchain@v1
+        with:
+          toolchain: stable
+
+      - name: Set Cargo.toml version
+        shell: bash
+        env:
+          RELEASE_TAG: ${{ github.ref }}
+        run: |
+          mv Cargo.toml Cargo.toml.tmpl
+          sed "s/0\\.0\\.0-git/${RELEASE_TAG##*\/v}/" Cargo.toml.tmpl >Cargo.toml
+          rm Cargo.toml.tmpl
+
+      - name: Do The Needful
+        env:
+          CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_TOKEN }}
+        run: |
+          cargo publish --allow-dirty

.gitignore

@@ -0,0 +1,4 @@
+/Cargo.lock
+/target
+/perf.data*
+/flamegraph.svg

CODE_OF_CONDUCT.md

@@ -0,0 +1,48 @@
+# Contributor Code of Conduct
+
+As contributors and maintainers of this project, and in the interest of
+fostering an open and welcoming community, we pledge to respect all people who
+contribute through reporting issues, posting feature requests, updating
+documentation, submitting pull requests or patches, and other activities.
+
+We are committed to making participation in this project a harassment-free
+experience for everyone, regardless of level of experience, gender, gender
+identity and expression, sexual orientation, disability, personal appearance,
+body size, race, ethnicity, age, religion, or nationality.
+
+Examples of unacceptable behavior by participants include:
+
+* The use of sexualized language or imagery
+* Personal attacks
+* Trolling or insulting/derogatory comments
+* Public or private harassment
+* Publishing other's private information, such as physical or electronic
+  addresses, without explicit permission
+* Other unethical or unprofessional conduct
+
+Project maintainers have the right and responsibility to remove, edit, or
+reject comments, commits, code, wiki edits, issues, and other contributions
+that are not aligned to this Code of Conduct, or to ban temporarily or
+permanently any contributor for other behaviors that they deem inappropriate,
+threatening, offensive, or harmful.
+
+By adopting this Code of Conduct, project maintainers commit themselves to
+fairly and consistently applying these principles to every aspect of managing
+this project. Project maintainers who do not follow or enforce the Code of
+Conduct may be permanently removed from the project team.
+
+This code of conduct applies both within project spaces and in public spaces
+when an individual is representing the project or its community.
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported by contacting a project maintainer at coc@enquo.org. All complaints
+will be reviewed and investigated and will result in a response that is deemed
+necessary and appropriate to the circumstances. Maintainers are obligated to
+maintain confidentiality with regard to the reporter of an incident.
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 1.3.0, available at
+[http://contributor-covenant.org/version/1/3/0/][version]
+
+[homepage]: http://contributor-covenant.org
+[version]: http://contributor-covenant.org/version/1/3/0/

CONTRIBUTING.md

@@ -0,0 +1,11 @@
+* IF YOU HAVE FOUND A SECURITY FLAW, please e-mail `security@enquo.org`.
+
+* If you have found a discrepancy in documented and observed behaviour, that is a bug.
+  Feel free to [report it as an issue](https://github.com/enquo/cretrit/issues), providing sufficient detail to reproduce the problem.
+
+* If you would like to add new behaviour, please submit a well-tested and well-documented [pull request](https://github.com/enquo/cretrit/pulls).
+
+* By making a contribution to this repository, you agree that the contribution is licenced under the terms of the [MIT licence](./LICENCE).
+  Further, you warrant that you hold all intellectual property rights in the contribution, or that you have the permission of the owner of those rights to make the contribution under these conditions.
+
+* At all times, abide by the Code of Conduct (CODE_OF_CONDUCT.md).

Cargo.toml

@@ -0,0 +1,34 @@
+[package]
+name = "cretrit"
+description = "Flexible Order-Revealing Encryption library"
+license = "MIT"
+homepage = "https://enquo.org"
+repository = "https://github.com/enquo/cretrit"
+keywords = ["encryption", "search", "query", "ore"]
+categories = ["algorithms", "cryptography"]
+exclude = ["/.git*", "Cargo.toml.orig"]
+version = "0.0.0-git"
+edition = "2021"
+
+[dependencies]
+aes = { version = "0.8" }
+cmac = "0.7"
+hmac = { version = "0.12", features = ["reset"] }
+num = "0.3"
+rand = "0.8"
+rand_chacha = "0.3"
+sha2 = "0.10"
+thiserror = "1.0"
+zeroize = { version = "1.0", features = ["zeroize_derive"] }
+
+[dev-dependencies]
+criterion = "0.3"
+hex-literal = "0.3"
+quickcheck = "1.0"
+
+[profile.bench]
+debug = true
+
+[[bench]]
+name = "cretrit"
+harness = false

LICENCE

@@ -0,0 +1,19 @@
+The MIT License (MIT)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

README.md

@@ -0,0 +1,134 @@
+This is `cretrit` (pronounced "cre-TRIT"), a Rust library for performing comparison-revealing cryptographic operations (encryption, comparison) on arbitrary data.
+It implements the two-value and three-value encrypted comparison algorithms described in the paper [Order-Revealing Encryption: New Constructions, Applications, and Lower Bounds](https://eprint.iacr.org/2016/612.pdf) by Kevin Lewi and David J. Wu, of Stanford University.
+
+What this library allows you to do is to take plaintext values, encrypt them, and then perform comparison operations on the encrypted forms that produce results identical to the equivalent comparison operations on the plaintexts.
+This is typically useful for performing ordering (where the comparison is "is this value less-than, equal-to, or greater-than that value?") and equality ("is this value equal-to or not-equal-to that value?").
+However the library is designed to accommodate other comparison operators, in case the need arises.
+To provide implementation examples, and satisfy common use cases, generic ordering and equality ciphertext types are also provided.
+
+If the ideas in this library intrigue you, but the idea of fiddling around with these low-level primitives sounds a bit tedious, you may wish to check out the rest of [the Enquo Project](https://enquo.org).
+The Enquo Project exists to provide encrypted, queryable datastores for everyone, which uses comparison-revealing cryptography extensively.
+
+
+# Security Status
+
+This library has NOT been audited by any competent third party for implementation flaws.
+If you would like to undertake, or sponsor, such an audit, please get in touch.
+
+If you believe you have found a security flaw in this library, an e-mail to `security@enquo.org` would be appreciated.
+
+
+
+
+
+# Usage
+
+To use the existing ordering and equality types, you just have to select a *cipher suite*, and then `use` the module in that cipher suite that corresponds to the operation you wish to perform.
+At present, only one cipher suite is available, named `aes128v1`, and there are `ore` (order-revealing encryption) and `ere` (equality-revealing encryption) modules.
+From there, you instantiate a `Cipher` whose generic parameters represent the number of blocks (`N`) and the "width" of each block (the number of values representable by each block, `W`), giving it a key to use for encryption.
+For example:
+
+```rust
+// Let's do some order-revealing encryption!
+use cretrit::aes128v1::ore;
+
+// This cipher has four blocks, the value of each is in the range
+// 0-255.  Hence, this cipher can represent the ordering of values
+// between 0 and 256^4-1 (aka 2**32-1), which corresponds to a 32-bit
+// unsigned integer.
+let cipher: ore::Cipher::<4, 256>::new([0u8; 16]).unwrap();
+```
+
+This cipher is how you encrypt plaintexts.
+Internally, plaintexts are an array of the value of each block, and you can use that representation if you like.
+For encrypting unsigned integers, there are implementations of the `From` trait that allow you to pass the integers in directly, like this:
+
+```rust
+let forty_two: u32 = 42;
+let ore_forty_two = cipher.encrypt(forty_two.into()).unwrap();
+let over_nine_thousand: u32 = 9001;
+let ore_over_nine_thousand = cipher.encrypt(over_nine_thousand.into()).unwrap();
+```
+
+Ciphertexts for the order-revealing and equality-revealing encryption schemes implement `Ord`, `Eq`, and the `Partial*` variants as appropriate.
+Thus, you can just compare the outputs of the `encrypt` function like they were any other value:
+
+```rust
+assert!(ore_forty_two != ore_over_nine_thousand);
+assert!(ore_forty_two < ore_over_nine_thousand);
+```
+
+You can also serialise and deserialise ciphertexts to/from `u8` vectors, which allows you to store them in files, databases, etc.
+A simple example of round-tripping a ciphertext:
+
+```rust
+// Pull in the necessary trait
+use cretrit::SerializableCipherText;
+
+let v = ore_forty_two.to_vec();
+
+// When deserialising a ciphertext, you need to specify the cipher parameters
+// so that the types line up.
+let new_forty_two = ore::CipherText::<4, 256>::from_slice(&v).unwrap();
+
+// Once it's deserialised, it's back to its original form and ready to
+// go!
+assert!(new_forty_two == ore_forty_two);
+assert!(new_forty_two != ore_over_nine_thousand);
+assert!(new_forty_two < ore_over_nine_thousand);
+```
+
+
+# Terminology
+
+To help make sense of everything, here's some of the terms that we use in the codebase and documentation.
+
+* **Comparison-Revealing Encryption**: a generic encryption scheme which produces ciphertexts which can be compared against one another to determine a defined relationship between the plaintexts from which the ciphertexts were produced.
+  Ideally, the ciphertexts do not reveal any other information about the two plaintexts or their relationship to each other.
+
+* **Order-Revealing Encryption**: a form of comparison-revealing encryption, which produces ciphertexts which reveal the relative ordering of ciphertexts, without giving any indication of the actual value of the underlying plaintexts.
+  This is done by revealing whether a ciphertext is less-than, equal-to, or greater-than any other ciphertext, which is all that is necessary to order any collection of ciphertexts.
+
+* **Equality-Revealing Encryption**: a form or comparison-revealing encryption, which produces ciphertexts which reveal whether the plaintext value behind two ciphertexts are equal, or not.
+  While order-revealing encryption can also be used to reveal equality, this form is useful when there is no well-defined ordering of a set of values, or you specifically do not which to reveal that ordering.
+  The ciphertexts produced by equality-revealing encryption are also smaller than those produced by order-revealing encryption.
+
+* **Cipher Suite**: a collection of cryptographic primitives which, in combination, are needed to perform the complete set of comparison-revealing encryption operations.
+  Multiple cipher suites may be defined to upgrade security, or provide increased performance.
+
+* **Cipher**: a combination of a cipher suite and comparison operator which, together, provide the ability to encrypt a plaintext into a particular comparison-revealing form.
+
+* **Plaintext Block**: to keep ciphertext sizes under control, the Lewi-Wu scheme breaks a single large plaintext into smaller blocks.
+  Each block can represent values of a certain range, and a single plaintext has a certain number of blocks.
+  These parameters control the size and leakage of the corresponding ciphertext.
+
+
+# Contributing
+
+For general guidelines for contributions, see [CONTRIBUTING.md](CONTRIBUTING.md).
+
+
+# Licence
+
+Unless otherwise stated, everything in this repo is covered by the following
+licence statement (the MIT licence):
+
+    Copyright (C) 2022  Matt Palmer <matt@enquo.org>
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.