Let's say I'm using the OPRF endpoint, and for any given reason, the OPRF secrets needs to be rotated. How, do we deal with such a situation?
Consider a system where the calculated pseudonyms are stored in a database, we can tag each pseudonym with a version number. But converting a pseudonym back to the original input is impossible, so how do we calculate the new pseudonym when a new key needs to be used?
Perhaps this is discussed somewhere? If not, we can perhaps chain multiple PRF's together? As in:
pseudonym_v1 = PRF(originalInput, secret_1)
pseudonym_v2 = PRF(pseudonym_v1, secret_2)
If secret_1 is compromised, we can roll forward all stored pseudonyms to the the next version even if we lost track of the original inputs.
Let's say I'm using the OPRF endpoint, and for any given reason, the OPRF secrets needs to be rotated. How, do we deal with such a situation?
Consider a system where the calculated pseudonyms are stored in a database, we can tag each pseudonym with a version number. But converting a pseudonym back to the original input is impossible, so how do we calculate the new pseudonym when a new key needs to be used?
Perhaps this is discussed somewhere? If not, we can perhaps chain multiple PRF's together? As in:
pseudonym_v1 = PRF(originalInput, secret_1)pseudonym_v2 = PRF(pseudonym_v1, secret_2)If
secret_1is compromised, we can roll forward all stored pseudonyms to the the next version even if we lost track of the original inputs.