Script updating gh-pages from 4d11c02. [ci skip]

Yubico · Apr 9, 2024 · b128956 · b128956
1 parent 07cd7f0
commit b128956
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 0 deletions.
diff --git a/draft-bradleylundberg-cfrg-arkg.html b/draft-bradleylundberg-cfrg-arkg.html
@@ -1165,6 +1165,11 @@ <h2 id="name-copyright-notice">
 </li>
               <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.2">
                 <p id="section-toc.1-1.2.2.2.1"><a href="#section-2.2" class="auto internal xref">2.2</a>.  <a href="#name-the-function-arkg-generate-" class="internal xref">The function ARKG-Generate-Seed</a></p>
+<ul class="compact toc ulBare ulEmpty">
+<li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.2.2.1">
+                    <p id="section-toc.1-1.2.2.2.2.1.1"><a href="#section-2.2.1" class="auto internal xref">2.2.1</a>.  <a href="#name-deterministic-key-generatio" class="internal xref">Deterministic key generation</a></p>
+</li>
+                </ul>
 </li>
               <li class="compact toc ulBare ulEmpty" id="section-toc.1-1.2.2.3">
                 <p id="section-toc.1-1.2.2.3.1"><a href="#section-2.3" class="auto internal xref">2.3</a>.  <a href="#name-the-function-arkg-derive-pu" class="internal xref">The function ARKG-Derive-Public-Key</a></p>
@@ -1577,6 +1582,25 @@ <h3 id="name-the-function-arkg-generate-">
     sk = (sk_kem, sk_bl)
 </pre><a href="#section-2.2-2" class="pilcrow">¶</a>
 </div>
+<div id="deterministic-key-generation">
+<section id="section-2.2.1">
+          <h4 id="name-deterministic-key-generatio">
+<a href="#section-2.2.1" class="section-number selfRef">2.2.1. </a><a href="#name-deterministic-key-generatio" class="section-name selfRef">Deterministic key generation</a>
+          </h4>
+<p id="section-2.2.1-1">Although the above definition expresses the key generation as opaque,
+likely sampling uniformly random key distributions,
+implementations <span class="bcp14">MAY</span> choose to implement the functions <code>BL-Generate-Keypair()</code>,
+<code>KEM-Generate-Keypair()</code> and <code>ARKG-Generate-Seed()</code>
+as deterministic functions of some out-of-band input.
+This can be thought of as defining a single-use ARKG instance where these function outputs are static.
+This use case is beyond the scope of this document
+since the implementation of <code>ARKG-Generate-Seed</code> is internal to the delegating party,
+even if applications choose to distribute the delegating party across multiple processing entities.<a href="#section-2.2.1-1" class="pilcrow">¶</a></p>
+<p id="section-2.2.1-2">For example, one entity may randomly sample <code>pk_bl</code>, derive <code>pk_kem</code> deterministically from <code>pk_bl</code>
+and submit only <code>pk_bl</code> to a separate service that uses the same procedure to also derive the same <code>pk_kem</code>.
+This document considers both of these entities as parts of the same logical delegating party.<a href="#section-2.2.1-2" class="pilcrow">¶</a></p>
+</section>
+</div>
 </section>
 </div>
 <div id="the-function-arkg-derive-public-key">

diff --git a/draft-bradleylundberg-cfrg-arkg.txt b/draft-bradleylundberg-cfrg-arkg.txt
@@ -78,6 +78,7 @@ Table of Contents
    2.  The Asynchronous Remote Key Generation (ARKG) algorithm
      2.1.  Instance parameters
      2.2.  The function ARKG-Generate-Seed
+       2.2.1.  Deterministic key generation
      2.3.  The function ARKG-Derive-Public-Key
      2.4.  The function ARKG-Derive-Secret-Key
    3.  Generic ARKG instantiations
@@ -419,6 +420,25 @@ Table of Contents
        pk = (pk_kem, pk_bl)
        sk = (sk_kem, sk_bl)
 
+2.2.1.  Deterministic key generation
+
+   Although the above definition expresses the key generation as opaque,
+   likely sampling uniformly random key distributions, implementations
+   MAY choose to implement the functions BL-Generate-Keypair(), KEM-
+   Generate-Keypair() and ARKG-Generate-Seed() as deterministic
+   functions of some out-of-band input.  This can be thought of as
+   defining a single-use ARKG instance where these function outputs are
+   static.  This use case is beyond the scope of this document since the
+   implementation of ARKG-Generate-Seed is internal to the delegating
+   party, even if applications choose to distribute the delegating party
+   across multiple processing entities.
+
+   For example, one entity may randomly sample pk_bl, derive pk_kem
+   deterministically from pk_bl and submit only pk_bl to a separate
+   service that uses the same procedure to also derive the same pk_kem.
+   This document considers both of these entities as parts of the same
+   logical delegating party.
+
 2.3.  The function ARKG-Derive-Public-Key
 
    This function is performed by the subordinate party, which holds the