`import "go.dedis.ch/kyber/share/pvss"`

Package pvss implements public verifiable secret sharing as introduced in "A Simple Publicly Verifiable Secret Sharing Scheme and its Application to Electronic Voting" by Berry Schoenmakers. In comparison to regular verifiable secret sharing schemes, PVSS enables any third party to verify shares distributed by a dealer using zero-knowledge proofs. PVSS runs in three steps:

1. The dealer creates a list of encrypted public verifiable shares using EncShares() and distributes them to the trustees. 2. Upon the announcement that the secret should be released, each trustee uses DecShare() to first verify and, if valid, decrypt his share. 3. Once a threshold of decrypted shares has been released, anyone can verify them and, if enough shares are valid, recover the shared secret using RecoverSecret().

- func DecShareBatch(suite Suite, H kyber.Point, X []kyber.Point, sH []kyber.Point, x kyber.Scalar, encShares []*PubVerShare) ([]kyber.Point, []*PubVerShare, []*PubVerShare, error)
- func RecoverSecret(suite Suite, G kyber.Point, X []kyber.Point, encShares []*PubVerShare, decShares []*PubVerShare, t int, n int) (kyber.Point, error)
- func VerifyDecShare(suite Suite, G kyber.Point, X kyber.Point, encShare *PubVerShare, decShare *PubVerShare) error
- func VerifyEncShare(suite Suite, H kyber.Point, X kyber.Point, sH kyber.Point, encShare *PubVerShare) error
- type PubVerShare
- func DecShare(suite Suite, H kyber.Point, X kyber.Point, sH kyber.Point, x kyber.Scalar, encShare *PubVerShare) (*PubVerShare, error)
- func EncShares(suite Suite, H kyber.Point, X []kyber.Point, secret kyber.Scalar, t int) (shares []*PubVerShare, commit *share.PubPoly, err error)
- func VerifyDecShareBatch(suite Suite, G kyber.Point, X []kyber.Point, encShares []*PubVerShare, decShares []*PubVerShare) ([]*PubVerShare, error)
- func VerifyEncShareBatch(suite Suite, H kyber.Point, X []kyber.Point, sH []kyber.Point, encShares []*PubVerShare) ([]kyber.Point, []*PubVerShare, error)
- type Suite

❖

func DecShareBatch(suite Suite, H kyber.Point, X []kyber.Point, sH []kyber.Point, x kyber.Scalar, encShares []*PubVerShare) ([]kyber.Point, []*PubVerShare, []*PubVerShare, error)

DecShareBatch provides the same functionality as DecShare but for slices of encrypted shares. The function returns the valid encrypted and decrypted shares as well as the corresponding public keys.

❖

func RecoverSecret(suite Suite, G kyber.Point, X []kyber.Point, encShares []*PubVerShare, decShares []*PubVerShare, t int, n int) (kyber.Point, error)

RecoverSecret first verifies the given decrypted shares against their decryption consistency proofs and then tries to recover the shared secret.

❖

func VerifyDecShare(suite Suite, G kyber.Point, X kyber.Point, encShare *PubVerShare, decShare *PubVerShare) error

VerifyDecShare checks that the decrypted share sG satisfies log_{G}(X) == log_{sG}(sX). Note that X = xG and sX = s(xG) = x(sG).

❖

func VerifyEncShare(suite Suite, H kyber.Point, X kyber.Point, sH kyber.Point, encShare *PubVerShare) error

VerifyEncShare checks that the encrypted share sX satisfies log_{H}(sH) == log_{X}(sX) where sH is the public commitment computed by evaluating the public commitment polynomial at the encrypted share's index i.

PubVerShare is a public verifiable share.

❖

func DecShare(suite Suite, H kyber.Point, X kyber.Point, sH kyber.Point, x kyber.Scalar, encShare *PubVerShare) (*PubVerShare, error)

DecShare first verifies the encrypted share against the encryption consistency proof and, if valid, decrypts it and creates a decryption consistency proof.

❖

func EncShares(suite Suite, H kyber.Point, X []kyber.Point, secret kyber.Scalar, t int) (shares []*PubVerShare, commit *share.PubPoly, err error)

EncShares creates a list of encrypted publicly verifiable PVSS shares for the given secret and the list of public keys X using the sharing threshold t and the base point H. The function returns the list of shares and the public commitment polynomial.

❖

func VerifyDecShareBatch(suite Suite, G kyber.Point, X []kyber.Point, encShares []*PubVerShare, decShares []*PubVerShare) ([]*PubVerShare, error)

VerifyDecShareBatch provides the same functionality as VerifyDecShare but for slices of decrypted shares. The function returns the the valid decrypted shares.

❖

func VerifyEncShareBatch(suite Suite, H kyber.Point, X []kyber.Point, sH []kyber.Point, encShares []*PubVerShare) ([]kyber.Point, []*PubVerShare, error)

VerifyEncShareBatch provides the same functionality as VerifyEncShare but for slices of encrypted shares. The function returns the valid encrypted shares together with the corresponding public keys.

❖

type Suite interface { kyber.Group kyber.HashFactory kyber.Encoding kyber.XOFFactory kyber.Random }

Suite describes the functionalities needed by this package in order to function correctly.

Package pvss imports 4 packages (graph). Updated 2019-10-23. Refresh now. Tools for package owners.