Documentation
¶
Index ¶
- Constants
- func AliceEnd(Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, pf *ProofBob, ...) (*big.Int, error)
- func AliceEndWC(Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, pf *ProofBobWC, ...) (*big.Int, error)
- type ProofBob
- type ProofBobWC
- func BobMidWC(Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, ...) (beta, cB, betaPrm *big.Int, piB *ProofBobWC, err error)
- func ProofBobWCFromBytes(ec elliptic.Curve, bzs [][]byte) (*ProofBobWC, error)
- func ProveBobWC(Session []byte, ec elliptic.Curve, pk *paillier.PublicKey, ...) (*ProofBobWC, error)
- type RangeProofAlice
- func AliceInit(ec elliptic.Curve, pkA *paillier.PublicKey, a, NTildeB, h1B, h2B *big.Int, ...) (cA *big.Int, pf *RangeProofAlice, err error)
- func ProveRangeAlice(ec elliptic.Curve, pk *paillier.PublicKey, c, NTilde, h1, h2, m, r *big.Int, ...) (*RangeProofAlice, error)
- func RangeProofAliceFromBytes(bzs [][]byte) (*RangeProofAlice, error)
Constants ¶
const ( // ProofBobBytesParts is the number of byte parts in a serialized ProofBob. ProofBobBytesParts = 10 // ProofBobWCBytesParts is the number of byte parts in a serialized ProofBobWC. ProofBobWCBytesParts = 12 )
const (
// RangeProofAliceBytesParts is the number of byte parts in a serialized RangeProofAlice.
RangeProofAliceBytesParts = 6
)
Variables ¶
This section is empty.
Functions ¶
func AliceEnd ¶
func AliceEnd( Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, pf *ProofBob, h1A, h2A, cA, cB, NTildeA *big.Int, sk *paillier.PrivateKey, ) (*big.Int, error)
AliceEnd completes the MtA protocol for Alice by verifying Bob's proof and decrypting the result.
func AliceEndWC ¶
func AliceEndWC( Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, pf *ProofBobWC, B *crypto.ECPoint, cA, cB, NTildeA, h1A, h2A *big.Int, sk *paillier.PrivateKey, ) (*big.Int, error)
AliceEndWC completes the MtA protocol for Alice with the consistency check by verifying Bob's proof and decrypting the result.
Types ¶
type ProofBob ¶
ProofBob is Bob's zero-knowledge proof used in the MtA protocol without the consistency check.
func BobMid ¶
func BobMid( Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, pf *RangeProofAlice, b, cA, NTildeA, h1A, h2A, NTildeB, h1B, h2B *big.Int, rand io.Reader, ) (beta, cB, betaPrm *big.Int, piB *ProofBob, err error)
BobMid performs Bob's middle step in the MtA protocol without the consistency check.
func ProofBobFromBytes ¶
ProofBobFromBytes reconstructs a ProofBob from a slice of byte slices.
func ProveBob ¶
func ProveBob(Session []byte, ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int, rand io.Reader) (*ProofBob, error)
ProveBob implements Bob's proof "ProveMta_Bob" used in the MtA protocol from GG18Spec (9) Fig. 11.
func (*ProofBob) Bytes ¶
func (pf *ProofBob) Bytes() [ProofBobBytesParts][]byte
Bytes serializes the ProofBob into a fixed-size array of byte slices.
func (*ProofBob) ValidateBasic ¶
ValidateBasic checks that all fields of the ProofBob are non-nil.
type ProofBobWC ¶
ProofBobWC is Bob's zero-knowledge proof used in the MtA protocol with the consistency check (X = g^x).
func BobMidWC ¶
func BobMidWC( Session []byte, ec elliptic.Curve, pkA *paillier.PublicKey, pf *RangeProofAlice, b, cA, NTildeA, h1A, h2A, NTildeB, h1B, h2B *big.Int, B *crypto.ECPoint, rand io.Reader, ) (beta, cB, betaPrm *big.Int, piB *ProofBobWC, err error)
BobMidWC performs Bob's middle step in the MtA protocol with the consistency check (B = g^b).
func ProofBobWCFromBytes ¶
func ProofBobWCFromBytes(ec elliptic.Curve, bzs [][]byte) (*ProofBobWC, error)
ProofBobWCFromBytes reconstructs a ProofBobWC from a slice of byte slices and the elliptic curve.
func ProveBobWC ¶
func ProveBobWC(Session []byte, ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2, x, y, r *big.Int, X *crypto.ECPoint, rand io.Reader) (*ProofBobWC, error)
ProveBobWC implements Bob's proof both with or without check "ProveMtawc_Bob" and "ProveMta_Bob" used in the MtA protocol from GG18Spec (9) Figs. 10 & 11. an absent `X` generates the proof without the X consistency check X = g^x
func (*ProofBobWC) Bytes ¶
func (pf *ProofBobWC) Bytes() [ProofBobWCBytesParts][]byte
Bytes serializes the ProofBobWC into a fixed-size array of byte slices including the ECPoint U.
func (*ProofBobWC) ValidateBasic ¶
func (pf *ProofBobWC) ValidateBasic() bool
ValidateBasic checks that all fields of the ProofBobWC are non-nil, including the embedded ProofBob.
func (*ProofBobWC) Verify ¶
func (pf *ProofBobWC) Verify(Session []byte, ec elliptic.Curve, pk *paillier.PublicKey, NTilde, h1, h2, c1, c2 *big.Int, X *crypto.ECPoint) bool
ProveBobWC.Verify implements verification of Bob's proof with check "VerifyMtawc_Bob" used in the MtA protocol from GG18Spec (9) Fig. 10. an absent `X` verifies a proof generated without the X consistency check X = g^x
type RangeProofAlice ¶
RangeProofAlice is Alice's range proof used in the MtA protocol to prove her secret is within a valid range.
func AliceInit ¶
func AliceInit( ec elliptic.Curve, pkA *paillier.PublicKey, a, NTildeB, h1B, h2B *big.Int, rand io.Reader, ) (cA *big.Int, pf *RangeProofAlice, err error)
AliceInit encrypts Alice's secret and produces a range proof for the MtA protocol.
func ProveRangeAlice ¶
func ProveRangeAlice(ec elliptic.Curve, pk *paillier.PublicKey, c, NTilde, h1, h2, m, r *big.Int, rand io.Reader) (*RangeProofAlice, error)
ProveRangeAlice implements Alice's range proof used in the MtA and MtAwc protocols from GG18Spec (9) Fig. 9.
func RangeProofAliceFromBytes ¶
func RangeProofAliceFromBytes(bzs [][]byte) (*RangeProofAlice, error)
RangeProofAliceFromBytes reconstructs a RangeProofAlice from a slice of byte slices.
func (*RangeProofAlice) Bytes ¶
func (pf *RangeProofAlice) Bytes() [RangeProofAliceBytesParts][]byte
Bytes serializes the RangeProofAlice into a fixed-size array of byte slices.
func (*RangeProofAlice) ValidateBasic ¶
func (pf *RangeProofAlice) ValidateBasic() bool
ValidateBasic checks that all fields of the RangeProofAlice are non-nil.
Source Files