`import "go.dedis.ch/kyber/sign/dss"`

Package dss implements the Distributed Schnorr Signature protocol from the paper "Provably Secure Distributed Schnorr Signatures and a (t, n) Threshold Scheme for Implicit Certificates". https://dl.acm.org/citation.cfm?id=678297 To generate a distributed signature from a group of participants, the group must first generate one longterm distributed secret with the share/dkg package, and then one random secret to be used only once. Each participant then creates a DSS struct, that can issue partial signatures with `dss.PartialSignature()`. These partial signatures can be broadcasted to the whole group or to a trusted combiner. Once one has collected enough partial signatures, it is possible to compute the distributed signature with the `Signature` method. The resulting signature is compatible with the EdDSA verification function. against the longterm distributed key.

- func Verify(public kyber.Point, msg, sig []byte) error
- type DSS
- func NewDSS(suite Suite, secret kyber.Scalar, participants []kyber.Point, long, random DistKeyShare, msg []byte, T int) (*DSS, error)
- func (d *DSS) EnoughPartialSig() bool
- func (d *DSS) PartialSig() (*PartialSig, error)
- func (d *DSS) ProcessPartialSig(ps *PartialSig) error
- func (d *DSS) Signature() ([]byte, error)
- type DistKeyShare
- type PartialSig
- type Suite

Verify takes a public key, a message and a signature and returns an error if the signature is invalid.

DSS holds the information used to issue partial signatures as well as to compute the distributed schnorr signature.

❖

func NewDSS(suite Suite, secret kyber.Scalar, participants []kyber.Point, long, random DistKeyShare, msg []byte, T int) (*DSS, error)

NewDSS returns a DSS struct out of the suite, the longterm secret of this node, the list of participants, the longterm and random distributed key (generated by the dkg package), the message to sign and finally the T threshold. It returns an error if the public key of the secret can't be found in the list of participants.

EnoughPartialSig returns true if there are enough partial signature to compute the distributed signature. It returns false otherwise. If there are enough partial signatures, one can issue the signature with `Signature()`.

❖

func (d *DSS) PartialSig() (*PartialSig, error)

PartialSig generates the partial signature related to this DSS. This PartialSig can be broadcasted to every other participant or only to a trusted combiner as described in the paper. The signature format is compatible with EdDSA verification implementations.

❖

func (d *DSS) ProcessPartialSig(ps *PartialSig) error

ProcessPartialSig takes a PartialSig from another participant and stores it for generating the distributed signature. It returns an error if the index is wrong, or the signature is invalid or if a partial signature has already been received by the same peer. To know whether the distributed signature can be computed after this call, one can use the `EnoughPartialSigs` method.

Signature computes the distributed signature from the list of partial signatures received. It returns an error if there are not enough partial signatures. The signature is compatible with the EdDSA verification alrogithm.

DistKeyShare is an abstraction to allow one to use distributed key share from different schemes easily into this distributed threshold Schnorr signature framework.

PartialSig is partial representation of the final distributed signature. It must be sent to each of the other participants.

❖

func (ps *PartialSig) Hash(s Suite) []byte

Hash returns the hash representation of this PartialSig to be used in a signature.

❖

type Suite interface { kyber.Group kyber.HashFactory kyber.Random }

Suite represents the functionalities needed by the dss package

Package dss imports 7 packages (graph). Updated 2019-11-12. Refresh now. Tools for package owners.