zec
/
zips
mirror of https://github.com/zcash/zips.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Formatting

This commit is contained in:
Jack Grigg 2018-09-20 11:03:24 +01:00
parent cb1e663836
commit 975a2aaa64
No known key found for this signature in database
GPG Key ID: 1B8D649257DB0829
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
zip-0032.rst
View File

@ -228,8 +228,10 @@ CDKfvk((*ak*\ :sub:`par`\ , *nk*\ :sub:`par`\ , *ovk*\ :sub:`par`\ , *dk*\ :sub:
Diversifier derivation
----------------------
The 88-bit diversifiers for a Sapling extended key are derived from its diversifier key *dk*. To prevent the diversifier leaking how many diversified addresses have already been generated for an account; we make the sequence of diversifiers pseudorandom and uncorrelated to that of any other account.
In order to reach the maximum possible diversifier range without running into repetitions due to the birthday bound, we use
The 88-bit diversifiers for a Sapling extended key are derived from its diversifier key *dk*. To prevent the
diversifier leaking how many diversified addresses have already been generated for an account, we make the
sequence of diversifiers pseudorandom and uncorrelated to that of any other account. In order to reach the
maximum possible diversifier range without running into repetitions due to the birthday bound, we use
FF1-AES256 as a Pseudo-Random Permutation as follows:
- Let *j* be the index of the desired diversifier, in the range 0 .. 2\ :sup:`88`\ -1.