blind-sign: complete blind signature + fix commitment
parent
3c5237f12c
commit
0719018848
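--- a/src/cl.rs
+++ b/src/cl.rs
@@ -289,8 +289,8 @@ impl<E: Engine> BlindKeyPair<E> {
 
 let mut com1 = com.c1.clone();
 let mut H1 = self.public.X1.clone();
-H1.add_assign(&com1); // (X * com ^ g)
-H1.mul_assign(u); // com ^ u (blinding factor)
+H1.add_assign(&com1); // (X * com)
+H1.mul_assign(u); // (X * com) ^ u (blinding factor)
 
 Signature { h: h1, H: H1 }
 }
@@ -304,7 +304,8 @@ impl<E: Engine> BlindKeyPair<E> {
 /// verifiable with standard signature scheme.
 pub fn unblind(&self, bf: &E::Fr, signature: &Signature<E>) -> Signature<E> {
 let mut H = signature.h;
-let inv_bf = bf.inverse().unwrap();
+let mut inv_bf = bf.clone();
+inv_bf.negate();
 
 // sigma2 / sigma1 ^ t
 H.mul_assign(inv_bf);
@@ -411,6 +412,30 @@ mod tests {
 assert_eq!(keypair.verify(&mpk,&message1, &t1,&blind_sig), false);
 }
 
+#[test]
+fn blind_unblind_works() {
+let mut rng = &mut rand::thread_rng();
+
+let l = 5;
+let mpk = setup(&mut rng);
+let keypair = BlindKeyPair::<Bls12>::generate(&mut rng, &mpk, l);
+
+let mut message1 : Vec<Fr> = Vec::new();
+
+for i in 0..l {
+message1.push(Fr::rand(&mut rng));
+}
+
+let signature = keypair.sign(rng, &message1);
+let r = Fr::rand(rng);
+let blind_sig = keypair.blind(rng, &r, &signature);
+let signature1 = keypair.unblind(&r, &blind_sig);
+
+assert_eq!(keypair.get_public_key(&mpk).verify(&mpk, &message1, &signature1), true);
+assert_eq!(keypair.get_public_key(&mpk).verify(&mpk, &message1, &blind_sig), false);
+assert_eq!(keypair.verify(&mpk, &message1, &r, &blind_sig), true);
+}
+
 #[test]
 fn blind_sign_and_verify_works() {
 let mut rng = &mut rand::thread_rng();
@@ -444,11 +469,10 @@ mod tests {
 
 let t1 = Fr::rand(&mut rng);
 
-assert_eq!(keypair.verify(&mpk,&message1, &t,&unblinded_sig), true);
+assert_eq!(keypair.get_public_key(&mpk).verify(&mpk,&message1, &unblinded_sig), true);
 assert_eq!(keypair.verify(&mpk,&message1, &t, &signature), true);
-assert_eq!(keypair.verify(&mpk,&message2, &t,&unblinded_sig), false);
+assert_eq!(keypair.get_public_key(&mpk).verify(&mpk,&message2, &unblinded_sig), false);
 assert_eq!(keypair.verify(&mpk,&message2, &t, &signature), false);
-assert_eq!(keypair.verify(&mpk,&message1, &t1,&unblinded_sig), false);
 assert_eq!(keypair.verify(&mpk,&message1, &t1, &signature), false);
 }
 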
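Review bot: In `unblind`, the local is still named `inv_bf` although it now holds the additive negation of the blinding factor rather than its multiplicative inverse, which is exactly the confusion this change corrects; renaming it (`let mut neg_bf = bf.clone();`, `neg_bf.negate();`, `H.mul_assign(neg_bf);`) keeps the code in line with the `// sigma2 / sigma1 ^ t` comment. The last test hunk also removes the assertion that checked `unblinded_sig` against the wrong factor `t1`, and nothing in the new `blind_unblind_works` covers unblinding with a wrong factor. That negative case could be pinned with `let r1 = Fr::rand(rng);` and `assert_eq!(keypair.get_public_key(&mpk).verify(&mpk, &message1, &keypair.unblind(&r1, &blind_sig)), false);`. The body of `unblind` continues past the end of its hunk, so how `H` is combined with `signature.H` is not visible here.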
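--- a/src/ped92.rs
+++ b/src/ped92.rs
@@ -128,7 +128,8 @@ impl<E: Engine> CSMultiParams<E> {
 pub fn setup_gen_params<R: Rng>(rng: &mut R, len: usize) -> Self {
 let mut p1: Vec<E::G1> = Vec::new();
 let mut p2: Vec<E::G2> = Vec::new();
-for i in 0..len {
+// 1 extra base element for the random parameter
+for i in 0..len + 1 {
 p1.push(E::G1::rand(rng));
 p2.push(E::G2::rand(rng));
 }
@@ -142,11 +143,11 @@ impl<E: Engine> CSMultiParams<E> {
 let mut c2 = self.pub_bases2[0].clone();
 c1.mul_assign(r.clone());
 c2.mul_assign(r.clone());
-for i in 1..x.len() {
-let mut basis1 = self.pub_bases1[i];
+for i in 0..x.len() {
+let mut basis1 = self.pub_bases1[i+1];
 basis1.mul_assign(x[i]);
 c1.add_assign(&basis1);
-let mut basis2 = self.pub_bases2[i];
+let mut basis2 = self.pub_bases2[i+1];
 basis2.mul_assign(x[i]);
 c2.add_assign(&basis2);
 }
@@ -162,11 +163,11 @@ impl<E: Engine> CSMultiParams<E> {
 let mut dc2 = self.pub_bases2[0].clone();
 dc1.mul_assign(r.clone());
 dc2.mul_assign(r.clone());
-for i in 1..l {
-let mut basis1 = self.pub_bases1[i];
+for i in 0..l {
+let mut basis1 = self.pub_bases1[i+1];
 basis1.mul_assign(x[i]);
 dc1.add_assign(&basis1);
-let mut basis2 = self.pub_bases2[i];
+let mut basis2 = self.pub_bases2[i+1];
 basis2.mul_assign(x[i]);
 dc2.add_assign(&basis2);
 }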
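Review bot: The new indexing `self.pub_bases1[i+1]` and `self.pub_bases2[i+1]`, in both the `0..x.len()` loop and the `0..l` loop, goes out of bounds and panics whenever the message has more elements than the `len` passed to `setup_gen_params`, and no length check is visible in either hunk. Parameters created before this commit would presumably hit the same panic, since they hold one base fewer than the new loops expect. If nothing above the hunks already enforces it, a guard before each loop such as `assert!(x.len() < self.pub_bases1.len(), "message longer than commitment parameters");` makes the contract explicit, with the same bound applied to `l` in the second function. Both function bodies start and end outside their hunks, so this is based only on the visible lines. As a smaller point, `for i in 0..len + 1` in `setup_gen_params` never uses `i`, so `for _ in 0..=len` reads more clearly.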