doc/html/IssuerMaterial.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136

<!-- HTML header for doxygen 1.8.10-->
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
<meta name="generator" content="Doxygen 1.8.11"/>
<title>Intel&reg; Enhanced Privacy ID SDK: Sample Issuer Material</title>
<link href="tabs.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="jquery.js"></script>
<script type="text/javascript" src="dynsections.js"></script>
<link href="navtree.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="resize.js"></script>
<script type="text/javascript" src="navtreedata.js"></script>
<script type="text/javascript" src="navtree.js"></script>
<script type="text/javascript">
  $(document).ready(initResizable);
  $(window).load(resizeHeight);
</script>
<link href="doxygen.css" rel="stylesheet" type="text/css" />
<link href="epidstyle.css" rel="stylesheet" type="text/css"/>
</head>
<body>
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
<div id="titlearea">
<table cellspacing="0" cellpadding="0">
 <tbody>
 <tr style="height: 56px;">
  <td id="projectalign" style="padding-left: 0.5em;">
   <div id="projectname"><a 
                            onclick="storeLink('index.html')"
                            id="projectlink" 
                            class="index.html" 
                            href="index.html">Intel&reg; Enhanced Privacy ID SDK</a>
&#160;<span id="projectnumber">2.0.0</span>
</div>
  </td>
 </tr>
 </tbody>
</table>
</div>
<!-- end header part -->
<!-- Generated by Doxygen 1.8.11 -->
</div><!-- top -->
<div id="side-nav" class="ui-resizable side-nav-resizable">
  <div id="nav-tree">
    <div id="nav-tree-contents">
      <div id="nav-sync" class="sync"></div>
    </div>
  </div>
  <div id="splitbar" style="-moz-user-select:none;" 
       class="ui-resizable-handle">
  </div>
</div>
<script type="text/javascript">
$(document).ready(function(){initNavTree('IssuerMaterial.html','');});
</script>
<div id="doc-content">
<div class="header">
  <div class="headertitle">
<div class="title">Sample Issuer Material </div>  </div>
</div><!--header-->
<div class="contents">
<div class="toc"><h3>Table of Contents</h3>
<ul><li class="level1"><a href="#IssuerMaterial_Groups">Sample Groups</a><ul><li class="level2"><a href="#IssuerMaterial_Groups_groupa">groupa</a></li>
<li class="level2"><a href="#IssuerMaterial_Groups_groupb">groupb</a></li>
</ul>
</li>
<li class="level1"><a href="#IssuerMaterial_GroupRls">Group Based Revocation Lists</a></li>
</ul>
</div>
<div class="textblock"><p>Because the SDK does not include issuer APIs, pre-generated sample data is included for validation purposes.</p>
<dl class="section note"><dt>Note</dt><dd>Sample compressed key material is not included in the package.</dd></dl>
<h1><a class="anchor" id="IssuerMaterial_Groups"></a>
Sample Groups</h1>
<p>Issuers create groups and manage group membership. For each group, the issuer creates a group public key simultaneously with the corresponding issuing private key. The issuer uses the issuing private key to create unique member private keys for each group member, and makes the group public key available to verifiers.</p>
<p>All groups have the following:</p>
<ul>
<li>Group public key, which corresponds to the issuing private key kept by the issuer</li>
<li>Signature based revocation list</li>
<li>Private key based revocation list</li>
<li>Member private keys, generated from the issuing private key</li>
</ul>
<p>If a signature based revocation list or private key based revocation list does not exist, it is assumed to be empty.</p>
<h2><a class="anchor" id="IssuerMaterial_Groups_groupa"></a>
groupa</h2>
<p>There are eight members in <b>groupa</b>:</p>
<ul>
<li><b>groupa/member0</b> - A non-revoked member.</li>
<li><b>groupa/member1</b> - Another non-revoked member.</li>
<li><b>groupa/privrevokedmember0</b> - A revoked member. Revoked by Private-Key based revocation list (<code>groupa/privrl.bin</code>)</li>
<li><b>groupa/privrevokedmember1</b> - A revoked member. Revoked by Private-Key based revocation list (<code>groupa/privrl.bin</code>)</li>
<li><b>groupa/privrevokedmember2</b> - A revoked member. Revoked by Private-Key based revocation list (<code>groupa/privrl.bin</code>)</li>
<li><b>groupa/sigrevokedmember0</b> - A revoked member. Revoked by Signature based revocation list (<code>groupa/sigrl.bin</code>)</li>
<li><b>groupa/sigrevokedmember1</b> - A revoked member. Revoked by Signature based revocation list (<code>groupa/sigrl.bin</code>)</li>
<li><b>groupa/sigrevokedmember2</b> - A revoked member. Revoked by Signature based revocation list (<code>groupa/sigrl.bin</code>)</li>
</ul>
<p>The following are <b>groupa</b> revocation lists:</p>
<ul>
<li><code>groupa/privrl.bin</code> - Private-Key based revocation list. <b>privrevokedmember0</b>, <b>privrevokedmember1</b> and privrevokedmember2** revoked.</li>
<li><code>groupa/sigrl.bin</code> - Signature based revocation list. <b>sigrevokedmember0</b>, <b>sigrevokedmember0</b> and sigrevokedmember0** revoked.</li>
</ul>
<h2><a class="anchor" id="IssuerMaterial_Groups_groupb"></a>
groupb</h2>
<p>There are four members in <b>groupb</b>:</p>
<ul>
<li><b>groupb/member0</b> - A non-revoked member.</li>
<li><b>groupb/member1</b> - Another non-revoked member.</li>
<li><b>groupb/privrevokedmember0</b> - A revoked member. Revoked by Private-Key based revocation list (<code>groupb/privrl.bin</code>)</li>
<li><b>groupb/sigrevokedmember0</b> - A revoked member. Revoked by Signature based revocation list (<code>groupb/sigrl.bin</code>)</li>
</ul>
<p>The following are <b>groupb</b> revocation lists:</p>
<ul>
<li><code>groupb/privrl.bin</code> - Private-Key based revocation list. <b>privrevokedmember0</b> revoked.</li>
<li><code>groupb/sigrl.bin</code> - Signature based revocation list. <b>sigrevokedmember0</b> revoked.</li>
</ul>
<h1><a class="anchor" id="IssuerMaterial_GroupRls"></a>
Group Based Revocation Lists</h1>
<p>If an entire group is no longer valid, the issuer can revoke it using the group based revocation list. Two sample group based revocation lists are provided with the SDK.</p>
<ul>
<li><code>grprl_empty.bin</code> - No entries</li>
<li><code>grprl.bin</code> - One entry in which <b>groupb</b> is revoked. </li>
</ul>
</div></div><!-- contents -->
</div><!-- doc-content -->
<!-- HTML footer for doxygen 1.8.10-->
<!-- start footer part -->
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
  <ul>
    <li class="footer">
      &copy; 2016 Intel Corporation
    </li>
  </ul>
</div>
</body>
</html>