Documentation
¶
Overview ¶
Package bdn implements the Boneh-Drijvers-Neven signature scheme which is an implementation of the bls package which is robust against rogue public-key attacks. Those attacks could allow an attacker to forge a public-key and then make a verifiable signature for an aggregation of signatures. It fixes the situation by adding coefficients to the aggregate.
See the papers: https://eprint.iacr.org/2018/483.pdf https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html
Index ¶
- func AggregatePublicKeys(suite pairing.Suite, mask *sign.Mask) (kyber.Point, error)
- func AggregateSignatures(suite pairing.Suite, sigs [][]byte, mask *sign.Mask) (kyber.Point, error)
- func NewKeyPair(suite pairing.Suite, random cipher.Stream) (kyber.Scalar, kyber.Point)
- func Sign(suite pairing.Suite, x kyber.Scalar, msg []byte) ([]byte, error)
- func Verify(suite pairing.Suite, x kyber.Point, msg, sig []byte) error
- type Scheme
- func (scheme *Scheme) AggregatePublicKeys(mask *sign.Mask) (kyber.Point, error)
- func (scheme *Scheme) AggregateSignatures(sigs [][]byte, mask *sign.Mask) (kyber.Point, error)
- func (scheme *Scheme) NewKeyPair(random cipher.Stream) (kyber.Scalar, kyber.Point)
- func (scheme *Scheme) Sign(x kyber.Scalar, msg []byte) ([]byte, error)
- func (scheme *Scheme) Verify(x kyber.Point, msg, sig []byte) error
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AggregatePublicKeys ¶
AggregatePublicKeys aggregates a set of public keys (similarly to AggregateSignatures for signatures) using the hash function H: G2 -> R with R = {1, ..., 2^128}. Deprecated: use the new scheme methods instead.
func AggregateSignatures ¶
AggregateSignatures aggregates the signatures using a coefficient for each one of them where c = H(pk) and H: G2 -> R with R = {1, ..., 2^128} Deprecated: use the new scheme methods instead.
func NewKeyPair ¶
NewKeyPair creates a new BLS signing key pair. The private key x is a scalar and the public key X is a point on curve G2. Deprecated: use the new scheme methods instead.
func Sign ¶
Sign creates a BLS signature S = x * H(m) on a message m using the private key x. The signature S is a point on curve G1. Deprecated: use the new scheme methods instead.
func Verify ¶
Verify checks the given BLS signature S on the message m using the public key X by verifying that the equality e(H(m), X) == e(H(m), x*B2) == e(x*H(m), B2) == e(S, B2) holds where e is the pairing operation and B2 is the base point from curve G2. Deprecated: use the new scheme methods instead.
Types ¶
type Scheme ¶ added in v1.3.0
type Scheme struct {
// contains filtered or unexported fields
}
func NewSchemeOnG1 ¶ added in v1.3.0
NewSchemeOnG1 returns a sign.Scheme that uses G1 for its signature space and G2 for its public keys
func NewSchemeOnG2 ¶ added in v1.3.0
NewSchemeOnG2 returns a sign.Scheme that uses G2 for its signature space and G1 for its public key
func (*Scheme) AggregatePublicKeys ¶ added in v1.3.0
AggregatePublicKeys aggregates a set of public keys (similarly to AggregateSignatures for signatures) using the hash function H: keyGroup -> R with R = {1, ..., 2^128}.
func (*Scheme) AggregateSignatures ¶ added in v1.3.0
AggregateSignatures aggregates the signatures using a coefficient for each one of them where c = H(pk) and H: keyGroup -> R with R = {1, ..., 2^128}
func (*Scheme) NewKeyPair ¶ added in v1.3.0
NewKeyPair creates a new BLS signing key pair. The private key x is a scalar and the public key X is a point on the scheme's key group.
func (*Scheme) Sign ¶ added in v1.3.0
Sign creates a BLS signature S = x * H(m) on a message m using the private key x. The signature S is a point on the scheme's signature group.
func (*Scheme) Verify ¶ added in v1.3.0
Verify checks the given BLS signature S on the message m using the public key X by verifying that the equality e(H(m), X) == e(H(m), x*B2) == e(x*H(m), B2) == e(S, B2) holds where e is the pairing operation and B2 is the base point from the scheme's key group.
Source Files