Tink Primitives
Tink performs cryptographic tasks via so-called primitives and interfaces.
Supported primitives and their implementations
Primitives supported by language
See https://developers.google.com/tink/primitives-by-language
Primitive implementations supported by language
See https://developers.google.com/tink/supported-key-types
General properties of all primitives
- stateless (hence thread-safe)
- copy-safe (for the parameters)
- at least 128-bit security (with an exception for RSA)
Authenticated Encryption with Associated Data
See https://developers.google.com/tink/aead
Streaming Authenticated Encryption with Associated Data
See https://developers.google.com/tink/streaming-aead
Deterministic Authenticated Encryption with Associated Data
See https://developers.google.com/tink/deterministic-aead
Message Authentication Code
See https://developers.google.com/tink/mac
Pseudo Random Function Families
The PRF set primitive allows to redact data in a deterministic fashion, for example personal identifiable information or internal IDs, or to come up with a user ID from user information without revealing said information in the ID. This allows someone with access to the output of the PRF without access to the key do some types of analysis, while limiting others.
Note that while in theory PRFs can be used in other ways, for example for encryption or message authentication, the corresponding primitives should only be used for these use cases.
WARNING: Since PRFs operate deterministically on their input, using a PRF to redact will not automatically provide anonymity, but only provide pseudonymity. It is an important tool to build privacy aware systems, but has to be used carefully.
Minimal properties:
- without knowledge of the key the PRF is indistinguishable from a random function
- at least 128-bit security, also in multi-user scenarios (when an attacker is not targeting a specific key, but any key from a set of up to 232 keys)
- at least 16 byte of output available
WARNING: While HMAC-SHA-2 and HKDF-SHA-2 behave like a cryptographically secure hash function if the key is revealed, and still provide some protection against revealing the input, AES-CMAC is only secure as long as the key is secure.
Since Tink operates on key sets, this primitive exposes a corresponding set of PRFs instead of a single PRF. The PRFs are indexed by a 32 bit key id. This can be used to rotate the key used to redact a piece of information, without losing the previous association.
Hybrid Encryption
See https://developers.google.com/tink/hybrid
Digital Signatures
See https://developers.google.com/tink/digital-signature