Documentation
¶
Index ¶
- func ProveDLogEquality(secret *big.Int, g1, g2, t1, t2 *ec.GroupElement, curve ec.Curve) bool
- func ProvePartialDLogKnowledge(group *ec.Group, secret1 *big.Int, a1, a2, b2 *ec.GroupElement) bool
- type BTEqualityProver
- type BTEqualityVerifier
- type BlindedTrans
- type ECTriple
- type EqualityProver
- type EqualityVerifier
- type PartialProver
- type PartialVerifier
- type Prover
- type Verifier
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func ProveDLogEquality ¶
ProveDLogEquality demonstrates how prover can prove the knowledge of log_g1(t1), log_g2(t2) and that log_g1(t1) = log_g2(t2) in EC group.
func ProvePartialDLogKnowledge ¶
ProvePartialDLogKnowledge demonstrates how prover can prove that he knows dlog_a2(b2) and the verifier does not know whether knowledge of dlog_a1(b1) or knowledge of dlog_a2(b2) was proved.
Types ¶
type BTEqualityProver ¶
func NewBTEqualityProver ¶
func NewBTEqualityProver(curve ec.Curve) *BTEqualityProver
func (*BTEqualityProver) GetProofData ¶
func (p *BTEqualityProver) GetProofData(challenge *big.Int) *big.Int
func (*BTEqualityProver) GetProofRandomData ¶
func (p *BTEqualityProver) GetProofRandomData(secret *big.Int, g1, g2 *ec.GroupElement) (*ec.GroupElement, *ec.GroupElement)
Prove that you know dlog_g1(h1), dlog_g2(h2) and that dlog_g1(h1) = dlog_g2(h2).
type BTEqualityVerifier ¶
func NewBTEqualityVerifier ¶
func NewBTEqualityVerifier(curve ec.Curve, gamma *big.Int) *BTEqualityVerifier
func (*BTEqualityVerifier) GetChallenge ¶
func (v *BTEqualityVerifier) GetChallenge(g1, g2, t1, t2, x1, x2 *ec.GroupElement) *big.Int
func (*BTEqualityVerifier) Verify ¶
func (v *BTEqualityVerifier) Verify(z *big.Int) (bool, *BlindedTrans, *ec.GroupElement, *ec.GroupElement)
It receives z = r + secret * challenge. It returns true if g1^z = g1^r * (g1^secret) ^ challenge and g2^z = g2^r * (g2^secret) ^ challenge.
type BlindedTrans ¶
type BlindedTrans struct {
Alpha_1 *big.Int
Alpha_2 *big.Int
Beta_1 *big.Int
Beta_2 *big.Int
Hash *big.Int
ZAlpha *big.Int
}
BlindedTrans represents a blinded transcript.
func NewBlindedTrans ¶
func NewBlindedTrans(alpha_1, alpha_2, beta_1, beta_2, hash, zAlpha *big.Int) *BlindedTrans
func (*BlindedTrans) Verify ¶
func (t *BlindedTrans) Verify(curve ec.Curve, g1, t1, G2, T2 *ec.GroupElement) bool
Verifies that the blinded transcript is valid. That means the knowledge of log_g1(t1), log_G2(T2) and log_g1(t1) = log_G2(T2). Note that G2 = g2^gamma, T2 = t2^gamma where gamma was chosen by verifier.
type ECTriple ¶
type ECTriple struct {
A *ec.GroupElement
B *ec.GroupElement
C *ec.GroupElement
}
func NewECTriple ¶
func NewECTriple(a, b, c *ec.GroupElement) *ECTriple
type EqualityProver ¶
func NewEqualityProver ¶
func NewEqualityProver(curve ec.Curve) *EqualityProver
func (*EqualityProver) GetProofData ¶
func (p *EqualityProver) GetProofData(challenge *big.Int) *big.Int
func (*EqualityProver) GetProofRandomData ¶
func (p *EqualityProver) GetProofRandomData(secret *big.Int, g1, g2 *ec.GroupElement) (*ec.GroupElement, *ec.GroupElement)
type EqualityVerifier ¶
func NewEqualityVerifier ¶
func NewEqualityVerifier(curve ec.Curve) *EqualityVerifier
func (*EqualityVerifier) GetChallenge ¶
func (v *EqualityVerifier) GetChallenge(g1, g2, t1, t2, x1, x2 *ec.GroupElement) *big.Int
type PartialProver ¶
Proving that it knows either secret1 such that a1^secret1 = b1 or
secret2 such that a2^secret2 = b2.
func NewPartialProver ¶
func NewPartialProver(group *ec.Group) *PartialProver
func (*PartialProver) GetProofData ¶
func (*PartialProver) GetProofRandomData ¶
func (p *PartialProver) GetProofRandomData(secret1 *big.Int, a1, b1, a2, b2 *ec.GroupElement) (*ECTriple, *ECTriple)
type PartialVerifier ¶
func NewPartialVerifier ¶
func NewPartialVerifier(group *ec.Group) *PartialVerifier
func (*PartialVerifier) GetChallenge ¶
func (v *PartialVerifier) GetChallenge() *big.Int
func (*PartialVerifier) SetProofRandomData ¶
func (v *PartialVerifier) SetProofRandomData(triple1, triple2 *ECTriple)
type Prover ¶
Prover proves knowledge of a discrete logarithm.
func (*Prover) GetProofData ¶
It receives challenge defined by a verifier, and returns z = r + challenge * w.
func (*Prover) GetProofRandomData ¶
func (p *Prover) GetProofRandomData(secret *big.Int, a *ec.GroupElement) *ec.GroupElement
It contains also value b = a^secret.
type Verifier ¶
func NewVerifier ¶
func (*Verifier) GetChallenge ¶
func (*Verifier) SetChallenge ¶
SetChallenge is used when Fiat-Shamir is used - when challenge is generated using hash by the prover.
func (*Verifier) SetProofRandomData ¶
func (v *Verifier) SetProofRandomData(x, a, b *ec.GroupElement)
TODO: t transferred at some other stage?
Source Files