pvss

package
v3.0.0-pre3 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 4, 2019 License: MPL-2.0 Imports: 4 Imported by: 1

Documentation

Overview

Package pvss implements public verifiable secret sharing as introduced in "A Simple Publicly Verifiable Secret Sharing Scheme and its Application to Electronic Voting" by Berry Schoenmakers. In comparison to regular verifiable secret sharing schemes, PVSS enables any third party to verify shares distributed by a dealer using zero-knowledge proofs. PVSS runs in three steps:

  1. The dealer creates a list of encrypted public verifiable shares using EncShares() and distributes them to the trustees.
  2. Upon the announcement that the secret should be released, each trustee uses DecShare() to first verify and, if valid, decrypt his share.
  3. Once a threshold of decrypted shares has been released, anyone can verify them and, if enough shares are valid, recover the shared secret using RecoverSecret().

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func DecShareBatch

func DecShareBatch(suite Suite, H kyber.Point, X []kyber.Point, sH []kyber.Point, x kyber.Scalar, encShares []*PubVerShare) ([]kyber.Point, []*PubVerShare, []*PubVerShare, error)

DecShareBatch provides the same functionality as DecShare but for slices of encrypted shares. The function returns the valid encrypted and decrypted shares as well as the corresponding public keys.

func RecoverSecret

func RecoverSecret(suite Suite, G kyber.Point, X []kyber.Point, encShares []*PubVerShare, decShares []*PubVerShare, t int, n int) (kyber.Point, error)

RecoverSecret first verifies the given decrypted shares against their decryption consistency proofs and then tries to recover the shared secret.

func VerifyDecShare

func VerifyDecShare(suite Suite, G kyber.Point, X kyber.Point, encShare *PubVerShare, decShare *PubVerShare) error

VerifyDecShare checks that the decrypted share sG satisfies log_{G}(X) == log_{sG}(sX). Note that X = xG and sX = s(xG) = x(sG).

func VerifyEncShare

func VerifyEncShare(suite Suite, H kyber.Point, X kyber.Point, sH kyber.Point, encShare *PubVerShare) error

VerifyEncShare checks that the encrypted share sX satisfies log_{H}(sH) == log_{X}(sX) where sH is the public commitment computed by evaluating the public commitment polynomial at the encrypted share's index i.

Types

type PubVerShare

type PubVerShare struct {
	S share.PubShare // Share
	P dleq.Proof     // Proof
}

PubVerShare is a public verifiable share.

func DecShare

func DecShare(suite Suite, H kyber.Point, X kyber.Point, sH kyber.Point, x kyber.Scalar, encShare *PubVerShare) (*PubVerShare, error)

DecShare first verifies the encrypted share against the encryption consistency proof and, if valid, decrypts it and creates a decryption consistency proof.

func EncShares

func EncShares(suite Suite, H kyber.Point, X []kyber.Point, secret kyber.Scalar, t int) (shares []*PubVerShare, commit *share.PubPoly, err error)

EncShares creates a list of encrypted publicly verifiable PVSS shares for the given secret and the list of public keys X using the sharing threshold t and the base point H. The function returns the list of shares and the public commitment polynomial.

func VerifyDecShareBatch

func VerifyDecShareBatch(suite Suite, G kyber.Point, X []kyber.Point, encShares []*PubVerShare, decShares []*PubVerShare) ([]*PubVerShare, error)

VerifyDecShareBatch provides the same functionality as VerifyDecShare but for slices of decrypted shares. The function returns the the valid decrypted shares.

func VerifyEncShareBatch

func VerifyEncShareBatch(suite Suite, H kyber.Point, X []kyber.Point, sH []kyber.Point, encShares []*PubVerShare) ([]kyber.Point, []*PubVerShare, error)

VerifyEncShareBatch provides the same functionality as VerifyEncShare but for slices of encrypted shares. The function returns the valid encrypted shares together with the corresponding public keys.

type Suite

type Suite interface {
	kyber.Group
	kyber.HashFactory
	kyber.Encoding
	kyber.XOFFactory
	kyber.Random
}

Suite describes the functionalities needed by this package in order to function correctly.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL