v1

package
v1.8.21 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 26, 2022 License: Apache-2.0 Imports: 14 Imported by: 0

README

Secure Two-party Threshold ECDSA from ECDSA Assumptions

Package dkls implements the 2-of-2 threshold ECDSA signing algorithm of Secure Two-party Threshold ECDSA from ECDSA Assumptions.

Documentation

Overview

Package v1 provides a wrapper around the [DKLs18](https://eprint.iacr.org/2018/499.pdf) sign and dkg and provides serialization, serialization, and versioning for the serialized data.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ConvertAliceDkgOutputToV1

func ConvertAliceDkgOutputToV1(params *v0.Params, dkgResult []byte) (*protocol.Message, error)

ConvertAliceDkgOutputToV1 converts the V0 output to V1 output. The V0 version of DKls `gob` encoded entire `Alice` object and returned it as DKG state and returned this state and the public key to the caller as the serialized version of DKG. In contrast, the V1 version of DKLs `gob` encodes only what is need for signing algorithm. Therefore, this function first decodes the V0 dkg result to Alice object and a public key. Then extracts the required data out of the Alice object and creates V1 Dkg output object. Note that in addition to extracting the required data, this function also performs type conversions on curve Scalar and Points. The reason is that between V0 and V1, the interface and data types for curve computation has changed.

Furthermore, the new encoded value is represented as a `protocol.Message` which contains versioning and other metadata about the serialized values. This serialized value will be the input to the sign function.

In summary, the following data mapping and conversion is performed.

  • v0.alice.Pk -> Converted to v1.PublicKey (a curve Point)
  • v0.alice.SkA -> Converted to v1.SecretKeyShare (a scalar value)
  • v0.alice.Receiver.Packed -> Converted to v1.SeedOtResult.PackedRandomChoiceBits (the random choice bits in OT)
  • v0.alice.Receiver.Packed -> Converted to v1.SeedOtResult.RandomChoiceBits (the random choice bits in OT in unpacked form)
  • v0.alice.Receiver.Rho -> Converted to v1.SeedOtResult.OneTimePadDecryptionKey (the Rho value in the paper)

func ConvertBobDkgOutputToV1

func ConvertBobDkgOutputToV1(params *v0.Params, dkgResult []byte) (*protocol.Message, error)

ConvertBobDkgOutputToV1 converts the V0 output to V1 output. The V0 version of DKls `gob` encoded entire `Bob` object and returned it as DKG state and returned this state and the public key to the caller as the serialized version of DKG. In contrast, the V1 version of DKLs `gob` encodes only what is need for signing algorithm. Therefore, this function first decodes the V0 dkg result to Bob object and a public key. Then extracts the required data out of the Bob object and creates V1 Dkg output object. Note that in addition to extracting the required data, this function also performs type conversions on curve Scalar and Points. The reason is that between V0 and V1, the interface and data types for curve computation has changed.

Furthermore, the new encoded value is represented as a `protocol.Message` which contains versioning and other metadata about the serialized values. This serialized value will be the input to the sign function.

In summary, the following data mapping and conversion is performed.

  • v0.bob.Pk -> Converted to v1.PublicKey (a curve Point)
  • v0.bob.SkA -> Converted to v1.SecretKeyShare (a scalar value)
  • v0.bob.Sender.Rho -> Converted to v1.SeedOtResult.OneTimePadEncryptionKeys (the Rho value in the paper)

func DecodeAliceDkgResult

func DecodeAliceDkgResult(m *protocol.Message) (*dkg.AliceOutput, error)

DecodeAliceDkgResult deserializes Alice DKG output.

func DecodeAliceRefreshResult

func DecodeAliceRefreshResult(m *protocol.Message) (*dkg.AliceOutput, error)

DecodeAliceRefreshResult deserializes Alice refresh output.

func DecodeBobDkgResult

func DecodeBobDkgResult(m *protocol.Message) (*dkg.BobOutput, error)

DecodeBobDkgResult deserializes Bob DKG output.

func DecodeBobRefreshResult

func DecodeBobRefreshResult(m *protocol.Message) (*dkg.BobOutput, error)

DecodeBobRefreshResult deserializes Bob refhresh output.

func DecodeSignature

func DecodeSignature(m *protocol.Message) (*curves.EcdsaSignature, error)

DecodeSignature serializes the signature.

func EncodeAliceDkgOutput

func EncodeAliceDkgOutput(result *dkg.AliceOutput, version uint) (*protocol.Message, error)

EncodeAliceDkgOutput serializes Alice DKG output based on the protocol version.

func EncodeAliceRefreshOutput

func EncodeAliceRefreshOutput(result *dkg.AliceOutput, version uint) (*protocol.Message, error)

EncodeAliceRefreshOutput serializes Alice Refresh output based on the protocol version.

func EncodeBobDkgOutput

func EncodeBobDkgOutput(result *dkg.BobOutput, version uint) (*protocol.Message, error)

EncodeBobDkgOutput serializes Bob DKG output based on the protocol version.

func EncodeBobRefreshOutput

func EncodeBobRefreshOutput(result *dkg.BobOutput, version uint) (*protocol.Message, error)

EncodeBobRefreshOutput serializes Bob refresh output based on the protocol version.

Types

type AliceDkg

type AliceDkg struct {
	*dkg.Alice
	// contains filtered or unexported fields
}

AliceDkg DKLS DKG implementation that satisfies the protocol iterator interface.

func NewAliceDkg

func NewAliceDkg(curve *curves.Curve, version uint) *AliceDkg

NewAliceDkg creates a new protocol that can compute a DKG as Alice

func (*AliceDkg) Next

func (p *AliceDkg) Next(input *protocol.Message) (*protocol.Message, error)

Next runs the next step in the protocol and reports errors or increments the step index

func (*AliceDkg) Result

func (a *AliceDkg) Result(version uint) (*protocol.Message, error)

Result Returns an encoded version of Alice as sequence of bytes that can be used to initialize an AliceSign protocol.

type AliceRefresh

type AliceRefresh struct {
	*refresh.Alice
	// contains filtered or unexported fields
}

AliceRefresh DKLS refresh implementation that satisfies the protocol iterator interface.

func NewAliceRefresh

func NewAliceRefresh(curve *curves.Curve, dkgResultMessage *protocol.Message, version uint) (*AliceRefresh, error)

NewAliceRefresh creates a new protocol that can compute a key refresh as Alice

func (*AliceRefresh) Next

func (p *AliceRefresh) Next(input *protocol.Message) (*protocol.Message, error)

Next runs the next step in the protocol and reports errors or increments the step index

func (*AliceRefresh) Result

func (a *AliceRefresh) Result(version uint) (*protocol.Message, error)

Result Returns an encoded version of Alice as sequence of bytes that can be used to initialize an AliceSign protocol.

type AliceSign

type AliceSign struct {
	*sign.Alice
	// contains filtered or unexported fields
}

AliceSign DKLS sign implementation that satisfies the protocol iterator interface.

func NewAliceSign

func NewAliceSign(curve *curves.Curve, hash hash.Hash, message []byte, dkgResultMessage *protocol.Message, version uint) (*AliceSign, error)

NewAliceSign creates a new protocol that can compute a signature as Alice. Requires dkg state that was produced at the end of DKG.Output().

func (*AliceSign) Next

func (p *AliceSign) Next(input *protocol.Message) (*protocol.Message, error)

Next runs the next step in the protocol and reports errors or increments the step index

func (*AliceSign) Result

func (a *AliceSign) Result(_ uint) (*protocol.Message, error)

Result always returns an error. Alice does not compute a signature in the DKLS protocol; only Bob computes the signature.

type BobDkg

type BobDkg struct {
	*dkg.Bob
	// contains filtered or unexported fields
}

BobDkg DKLS DKG implementation that satisfies the protocol iterator interface.

func NewBobDkg

func NewBobDkg(curve *curves.Curve, version uint) *BobDkg

NewBobDkg Creates a new protocol that can compute a DKG as Bob.

func (*BobDkg) Next

func (p *BobDkg) Next(input *protocol.Message) (*protocol.Message, error)

Next runs the next step in the protocol and reports errors or increments the step index

func (*BobDkg) Result

func (b *BobDkg) Result(version uint) (*protocol.Message, error)

Result returns an encoded version of Bob as sequence of bytes that can be used to initialize an BobSign protocol.

type BobRefresh

type BobRefresh struct {
	*refresh.Bob
	// contains filtered or unexported fields
}

BobRefresh DKLS refresh implementation that satisfies the protocol iterator interface.

func NewBobRefresh

func NewBobRefresh(curve *curves.Curve, dkgResultMessage *protocol.Message, version uint) (*BobRefresh, error)

NewBobRefresh Creates a new protocol that can compute a refresh as Bob.

func (*BobRefresh) Next

func (p *BobRefresh) Next(input *protocol.Message) (*protocol.Message, error)

Next runs the next step in the protocol and reports errors or increments the step index

func (*BobRefresh) Result

func (b *BobRefresh) Result(version uint) (*protocol.Message, error)

Result returns an encoded version of Bob as sequence of bytes that can be used to initialize an BobSign protocol.

type BobSign

type BobSign struct {
	*sign.Bob
	// contains filtered or unexported fields
}

BobSign DKLS sign implementation that satisfies the protocol iterator interface.

func NewBobSign

func NewBobSign(curve *curves.Curve, hash hash.Hash, message []byte, dkgResultMessage *protocol.Message, version uint) (*BobSign, error)

NewBobSign creates a new protocol that can compute a signature as Bob. Requires dkg state that was produced at the end of DKG.Output().

func (*BobSign) Next

func (p *BobSign) Next(input *protocol.Message) (*protocol.Message, error)

Next runs the next step in the protocol and reports errors or increments the step index

func (*BobSign) Result

func (b *BobSign) Result(version uint) (*protocol.Message, error)

Result returns the signature that Bob computed as a *core.EcdsaSignature if the signing protocol completed successfully.

Directories

Path Synopsis
Package dealer implements key generation via a trusted dealer for the protocol [DKLs18](https://eprint.iacr.org/2018/499.pdf).
Package dealer implements key generation via a trusted dealer for the protocol [DKLs18](https://eprint.iacr.org/2018/499.pdf).
Package dkg implements the Distributed Key Generation (DKG) protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf).
Package dkg implements the Distributed Key Generation (DKG) protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf).
This file implements the key refresh protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf).
This file implements the key refresh protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf).
Package sign implements the 2-2 threshold signature protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf).
Package sign implements the 2-2 threshold signature protocol of [DKLs18](https://eprint.iacr.org/2018/499.pdf).

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL