Documentation ¶
Overview ¶
Package bn256 implements a particular bilinear group.
Bilinear groups are the basis of many of the new cryptographic protocols that have been proposed over the past decade. They consist of a triplet of groups (G₁, G₂ and GT) such that there exists a function e(g₁ˣ,g₂ʸ)=gTˣʸ (where gₓ is a generator of the respective group). That function is called a pairing function.
This package specifically implements the Optimal Ate pairing over a 256-bit Barreto-Naehrig curve as described in http://cryptojedi.org/papers/dclxvi-20100714.pdf. Its output is compatible with the implementation described in that paper.
This package previously claimed to operate at a 128-bit security level. However, recent improvements in attacks mean that is no longer true. See https://moderncrypto.org/mail-archive/curves/2016/000740.html.
Index ¶
- Variables
- type Suite
- func (s *Suite) G1() kyber.Group
- func (s *Suite) G2() kyber.Group
- func (s *Suite) GT() kyber.Group
- func (c Suite) Hash() hash.Hash
- func (c Suite) New(t reflect.Type) interface{}
- func (s *Suite) Pair(p1 kyber.Point, p2 kyber.Point) kyber.Point
- func (c Suite) RandomStream() cipher.Stream
- func (c Suite) Read(r io.Reader, objs ...interface{}) error
- func (c Suite) String() string
- func (c Suite) Write(w io.Writer, objs ...interface{}) error
- func (c Suite) XOF(seed []byte) kyber.XOF
Constants ¶
This section is empty.
Variables ¶
var Order = bigFromBase10("65000549695646603732796438742359905742570406053903786389881062969044166799969")
Order is the number of elements in both G₁ and G₂: 36u⁴+36u³+18u²+6u+1. order-1 = (2**5) * 3 * 5743 * 280941149 * 130979359433191 * 491513138693455212421542731357 * 6518589491078791937
Functions ¶
This section is empty.
Types ¶
type Suite ¶
type Suite struct {
// contains filtered or unexported fields
}
Suite implements the pairing.Suite interface for the BN256 bilinear pairing.
func NewSuiteRand ¶
NewSuiteRand generates and returns a new BN256 suite seeded by the given cipher stream.
func (*Suite) Pair ¶
func (s *Suite) Pair(p1 kyber.Point, p2 kyber.Point) kyber.Point
Pair takes the points p1 and p2 in groups G1 and G2, respectively, as input and computes their pairing in GT.
func (Suite) RandomStream ¶
RandomStream returns a cipher.Stream which corresponds to a key stream from crypto/rand.
func (Suite) String ¶
func (c Suite) String() string
String returns a recognizable string that this is a combined suite.