kyber: Index | Files

package dleq

import ""

Package dleq provides functionality to create and verify non-interactive zero-knowledge (NIZK) proofs for the equality (EQ) of discrete logarithms (DL). This means, for two values xG and xH one can check that

log_{G}(xG) == log_{H}(xH)

without revealing the secret value x.


Package Files


type Proof Uses

type Proof struct {
    C   kyber.Scalar // challenge
    R   kyber.Scalar // response
    VG  kyber.Point  // public commitment with respect to base point G
    VH  kyber.Point  // public commitment with respect to base point H

Proof represents a NIZK dlog-equality proof.

func NewDLEQProof Uses

func NewDLEQProof(suite Suite, G kyber.Point, H kyber.Point, x kyber.Scalar) (proof *Proof, xG kyber.Point, xH kyber.Point, err error)

NewDLEQProof computes a new NIZK dlog-equality proof for the scalar x with respect to base points G and H. It therefore randomly selects a commitment v and then computes the challenge c = H(xG,xH,vG,vH) and response r = v - cx. Besides the proof, this function also returns the encrypted base points xG and xH.

func NewDLEQProofBatch Uses

func NewDLEQProofBatch(suite Suite, G []kyber.Point, H []kyber.Point, secrets []kyber.Scalar) (proof []*Proof, xG []kyber.Point, xH []kyber.Point, err error)

NewDLEQProofBatch computes lists of NIZK dlog-equality proofs and of encrypted base points xG and xH. Note that the challenge is computed over all input values.

func (*Proof) Verify Uses

func (p *Proof) Verify(suite Suite, G kyber.Point, H kyber.Point, xG kyber.Point, xH kyber.Point) error

Verify examines the validity of the NIZK dlog-equality proof. The proof is valid if the following two conditions hold:

vG == rG + c(xG)
vH == rH + c(xH)

type Suite Uses

type Suite interface {

Suite wraps the functionalities needed by the dleq package.

Package dleq imports 2 packages (graph). Updated 2020-01-01. Refresh now. Tools for package owners.