Documentation ¶
Overview ¶
Package bn256 implements a particular bilinear group.
Bilinear groups are the basis of many of the new cryptographic protocols that have been proposed over the past decade. They consist of a triplet of groups (G₁, G₂ and GT) such that there exists a function e(g₁ˣ,g₂ʸ)=gTˣʸ (where gₓ is a generator of the respective group). That function is called a pairing function.
This package specifically implements the Optimal Ate pairing over a 256-bit Barreto-Naehrig curve as described in http://cryptojedi.org/papers/dclxvi-20100714.pdf. Its output is compatible with the implementation described in that paper.
This package previously claimed to operate at a 128-bit security level. However, recent improvements in attacks mean that is no longer true. See https://moderncrypto.org/mail-archive/curves/2016/000740.html.
Index ¶
- Variables
- type Suite
- func (s *Suite) G1() kyber.Group
- func (s *Suite) G2() kyber.Group
- func (s *Suite) GT() kyber.Group
- func (c Suite) Hash() hash.Hash
- func (c Suite) New(t reflect.Type) interface{}
- func (s *Suite) Pair(p1 kyber.Point, p2 kyber.Point) kyber.Point
- func (c Suite) RandomStream() cipher.Stream
- func (c Suite) Read(r io.Reader, objs ...interface{}) error
- func (c Suite) String() string
- func (s *Suite) ValidatePairing(p1, p2, inv1, inv2 kyber.Point) bool
- func (c Suite) Write(w io.Writer, objs ...interface{}) error
- func (c Suite) XOF(seed []byte) kyber.XOF
- type SuiteBn256
- func (c SuiteBn256) Hash() hash.Hash
- func (c SuiteBn256) New(t reflect.Type) interface{}
- func (s *SuiteBn256) Point() kyber.Point
- func (s *SuiteBn256) PointLen() int
- func (c SuiteBn256) RandomStream() cipher.Stream
- func (c SuiteBn256) Read(r io.Reader, objs ...interface{}) error
- func (s *SuiteBn256) Scalar() kyber.Scalar
- func (s *SuiteBn256) ScalarLen() int
- func (s *SuiteBn256) String() string
- func (c SuiteBn256) Write(w io.Writer, objs ...interface{}) error
- func (c SuiteBn256) XOF(seed []byte) kyber.XOF
Constants ¶
This section is empty.
Variables ¶
var Order = bigFromBase10("65000549695646603732796438742359905742570406053903786389881062969044166799969")
Order is the number of elements in both G₁ and G₂: 36u⁴+36u³+18u²+6u+1. order-1 = (2**5) * 3 * 5743 * 280941149 * 130979359433191 * 491513138693455212421542731357 * 6518589491078791937
Functions ¶
This section is empty.
Types ¶
type Suite ¶
type Suite struct {
// contains filtered or unexported fields
}
Suite implements the pairing.Suite interface for the BN256 bilinear pairing.
func NewSuiteRand ¶
NewSuiteRand generates and returns a new BN256 suite seeded by the given cipher stream.
func (*Suite) Pair ¶
Pair takes the points p1 and p2 in groups G1 and G2, respectively, as input and computes their pairing in GT.
func (Suite) RandomStream ¶
RandomStream returns a cipher.Stream which corresponds to a key stream from crypto/rand.
func (Suite) String ¶
func (c Suite) String() string
String returns a recognizable string that this is a combined suite.
func (*Suite) ValidatePairing ¶ added in v1.1.3
type SuiteBn256 ¶
SuiteBn256 is an adapter that implements the suites.Suite interface so that bn256 can be used as a common suite to generate key pairs for instance but still preserves the properties of the pairing (e.g. the Pair function).
It's important to note that the Point function will generate a point compatible with public keys only (group G2) where the signature must be used as a point from the group G1.
func (*SuiteBn256) Point ¶
func (s *SuiteBn256) Point() kyber.Point
Point generates a point from the G2 group that can only be used for public keys
func (*SuiteBn256) PointLen ¶
func (s *SuiteBn256) PointLen() int
PointLen returns the length of a G2 point
func (SuiteBn256) RandomStream ¶
RandomStream returns a cipher.Stream which corresponds to a key stream from crypto/rand.
func (*SuiteBn256) ScalarLen ¶
func (s *SuiteBn256) ScalarLen() int
ScalarLen returns the lenght of a scalar
func (*SuiteBn256) String ¶
func (s *SuiteBn256) String() string
String returns the name of the suite