bls

package
v3.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 30, 2022 License: MPL-2.0 Imports: 6 Imported by: 34

Documentation

Overview

Package bls implements the Boneh-Lynn-Shacham (BLS) signature scheme which was introduced in the paper "Short Signatures from the Weil Pairing". BLS requires pairing-based cryptography.

Deprecated: This version is vulnerable to rogue public-key attack and the new version of the protocol should be used to make sure a signature aggregate cannot be verified by a forged key. You can find the protocol in kyber/sign/bdn. Note that only the aggregation is broken against the attack and a later version will merge bls and asmbls.

See the paper: https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func AggregatePublicKeys

func AggregatePublicKeys(suite pairing.Suite, Xs ...kyber.Point) kyber.Point

AggregatePublicKeys takes a slice of public G2 points and returns the sum of those points. This is used to verify multisignatures.

func AggregateSignatures

func AggregateSignatures(suite pairing.Suite, sigs ...[]byte) ([]byte, error)

AggregateSignatures combines signatures created using the Sign function

func BatchVerify

func BatchVerify(suite pairing.Suite, publics []kyber.Point, msgs [][]byte, sig []byte) error

BatchVerify verifies a large number of publicKey/msg pairings with a single aggregated signature. Since aggregation is generally much faster than verification, this can be a speed enhancement. Benchmarks show a roughly 50% performance increase over individual signature verification Every msg must be unique or there is the possibility to accept an invalid signature see: https://crypto.stackexchange.com/questions/56288/is-bls-signature-scheme-strongly-unforgeable/56290 for a description of why each message must be unique.

func NewKeyPair

func NewKeyPair(suite pairing.Suite, random cipher.Stream) (kyber.Scalar, kyber.Point)

NewKeyPair creates a new BLS signing key pair. The private key x is a scalar and the public key X is a point on curve G2.

func Sign

func Sign(suite pairing.Suite, x kyber.Scalar, msg []byte) ([]byte, error)

Sign creates a BLS signature S = x * H(m) on a message m using the private key x. The signature S is a point on curve G1.

func Verify

func Verify(suite pairing.Suite, X kyber.Point, msg, sig []byte) error

Verify checks the given BLS signature S on the message m using the public key X by verifying that the equality e(H(m), X) == e(H(m), x*B2) == e(x*H(m), B2) == e(S, B2) holds where e is the pairing operation and B2 is the base point from curve G2.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL