Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

What should be the return value of getEncryptedMatchKey()? #50

Open
richajaindce opened this issue Mar 15, 2023 · 0 comments
Open

What should be the return value of getEncryptedMatchKey()? #50

richajaindce opened this issue Mar 15, 2023 · 0 comments

Comments

@richajaindce
Copy link
Contributor

richajaindce commented Mar 15, 2023

This issue tries to define the object which will be returned by getEncryptedMatchKey API.

Relevant reading

https://github.com/patcg-individual-drafts/ipa/blob/main/details/encryption.md

Proposed return value

We have detailed out getEncryptedMatchKey interface and implementation detail in #52 and in this PR, we would like to double-down on its return value, PrivateAttributionEncryptedMatchKey.

dictionary PrivateAttributionHelperShare {
    // This is the identifier for the HPKE key that was used to encrypt. 
    // Since the helper party may have multiple keys, this indicates which one to apply
    uint8 keyId;
    ArrayBuffer encryptedShare;
};


dictionary PrivateAttributionEncryptedMatchKey {
    // The registrable domain of the top-level "site" that the encrypted match key was generated for.
    DOMString site;
    // Epoch during which the encrypted match key was generated
    uint16 epoch;
    // Map from helper to the encrypted bits they get and additional info used to generate those bits
    record<DOMString, PrivateAttributionHelperShare> shares;
};

PrivateAttributionEncryptedMatchKey will consist of

  • site: The top-level site for which the encrypted match key was generated (see Should we use sites (i.e. registrable domains) or origins? #51 )
  • epoch: The epoch during which the encrypted match keys were generated.
  • shares: This will be a map from helper to PrivateAttributionHelperShare which contains the encrypted bits i.e. encryptedShare and additional information which will be needed to decrypt these shares i.e. keyId. keyId is the identifier for the HPKE key that was used to encrypt this share. Helper parties can have multiple keys. In this case, keyId would indicate which one to apply to decrypt this particular share.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant