arnaucube
/
go-blindsecp256k1
mirror of https://github.com/arnaucube/go-blindsecp256k1.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
5 Branches
0 Tags
36 MiB
Tree: becff7b647
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'becff7b647'
${ noResults }
go-blindsecp256k1/v0/blindsecp256k1v0.go

188 lines
4.4 KiB
Raw Normal View History

Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
Update interface
3 years ago
Implement https://sci-hub.do/10.1109/ICCKE.2013.6682844 Previous to this commit there was the implementation of "[An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete Logarithm Problem](http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf)" paper by by Morteza Nikooghadama & Ali Zakerolhosseini. This commit adds the implementation of "[New Blind Signature Schemes Based on the (Elliptic Curve) Discrete Logarithm Problem](https://sci-hub.do/10.1109/ICCKE.2013.6682844)" paper by Hamid Mala & Nafiseh Nezhadansari.
3 years ago
  1. // Package blindsecp256k1v0 implements the Blind signature scheme explained at
  2. // "An Efficient Blind Signature Scheme Based on the Elliptic Curve Discrete
  3. // Logarithm Problem", by Morteza Nikooghadama & Ali Zakerolhosseini
  4. // http://www.isecure-journal.com/article_39171_47f9ec605dd3918c2793565ec21fcd7a.pdf
  5. //
  6. // LICENSE can be found at https://github.com/arnaucube/go-blindsecp256k1/blob/master/LICENSE
  7. //
  8. package blindsecp256k1v0
  10. // WARNING: WIP code
  12. import (
  13. "bytes"
  14. "crypto/rand"
  15. "math/big"
  17. "github.com/btcsuite/btcd/btcec"
  18. )
  20. var (
  21. // G represents the base point of secp256k1
  22. G *Point = &Point{
  23. X: btcec.S256().Gx,
  24. Y: btcec.S256().Gy,
  25. }
  27. // N represents the order of G of secp256k1
  28. N *big.Int = btcec.S256().N
  29. )
  31. // Point represents a point on the secp256k1 curve
  32. type Point struct {
  33. X *big.Int
  34. Y *big.Int
  35. }
  37. // Add performs the Point addition
  38. func (p *Point) Add(q *Point) *Point {
  39. x, y := btcec.S256().Add(p.X, p.Y, q.X, q.Y)
  40. return &Point{
  41. X: x,
  42. Y: y,
  43. }
  44. }
  46. // Mul performs the Point scalar multiplication
  47. func (p *Point) Mul(scalar *big.Int) *Point {
  48. x, y := btcec.S256().ScalarMult(p.X, p.Y, scalar.Bytes())
  49. return &Point{
  50. X: x,
  51. Y: y,
  52. }
  53. }
  55. // WIP
  56. func newRand() *big.Int {
  57. var b [32]byte
  58. _, err := rand.Read(b[:])
  59. if err != nil {
  60. panic(err)
  61. }
  62. bi := new(big.Int).SetBytes(b[:])
  63. return new(big.Int).Mod(bi, N)
  64. }
  66. // PrivateKey represents the signer's private key
  67. type PrivateKey big.Int
  69. // PublicKey represents the signer's public key
  70. type PublicKey Point
  72. // NewPrivateKey returns a new random private key
  73. func NewPrivateKey() *PrivateKey {
  74. k := newRand()
  75. sk := PrivateKey(*k)
  76. return &sk
  77. }
  79. // BigInt returns a *big.Int representation of the PrivateKey
  80. func (sk *PrivateKey) BigInt() *big.Int {
  81. return (*big.Int)(sk)
  82. }
  84. // Public returns the PublicKey from the PrivateKey
  85. func (sk *PrivateKey) Public() *PublicKey {
  86. Q := G.Mul(sk.BigInt())
  87. pk := PublicKey(*Q)
  88. return &pk
  89. }
  91. // Point returns a *Point representation of the PublicKey
  92. func (pk *PublicKey) Point() *Point {
  93. return (*Point)(pk)
  94. }
  96. // NewRequestParameters returns a new random k (secret) & R (public) parameters
  97. func NewRequestParameters() (*big.Int, *Point) {
  98. k := newRand()
  99. return k, G.Mul(k) // R = kG
  100. }
  102. // BlindSign performs the blind signature on the given mBlinded using
  103. // SignerPrivateData values
  104. func (sk *PrivateKey) BlindSign(mBlinded *big.Int, k *big.Int) *big.Int {
  105. // TODO add pending checks
  106. // s' = d(m') + k
  107. sBlind := new(big.Int).Add(
  108. new(big.Int).Mul(sk.BigInt(), mBlinded),
  109. k)
  110. return sBlind
  111. }
  113. // UserSecretData contains the secret values from the User (a, b, c) and the
  114. // public F
  115. type UserSecretData struct {
  116. A *big.Int
  117. B *big.Int
  118. C *big.Int
  120. F *Point // public
  121. }
  123. // Blind performs the blinding operation on m using SignerPublicData parameters
  124. func Blind(m *big.Int, signerPubK *PublicKey, signerR *Point) (*big.Int, *UserSecretData) {
  125. u := &UserSecretData{}
  126. u.A = newRand()
  127. u.B = newRand()
  128. u.C = newRand()
  129. binv := new(big.Int).ModInverse(u.B, N)
  131. // F = b^-1 R + a b^-1 Q + c G
  132. bR := signerR.Mul(binv)
  133. abinv := new(big.Int).Mul(u.A, binv)
  134. abinv = new(big.Int).Mod(abinv, N)
  135. abQ := signerPubK.Point().Mul(abinv)
  136. cG := G.Mul(u.C)
  137. u.F = bR.Add(abQ).Add(cG)
  138. // TODO check F==O
  140. r := new(big.Int).Mod(u.F.X, N)
  142. // m' = br(m)+a
  143. br := new(big.Int).Mul(u.B, r)
  144. brm := new(big.Int).Mul(br, m)
  145. mBlinded := new(big.Int).Add(brm, u.A)
  146. mBlinded = new(big.Int).Mod(mBlinded, N)
  147. return mBlinded, u
  148. }
  150. // Signature contains the signature values S & F
  151. type Signature struct {
  152. S *big.Int
  153. F *Point
  154. }
  156. // Unblind performs the unblinding operation of the blinded signature for the
  157. // given message m and the UserSecretData
  158. func Unblind(sBlind, m *big.Int, u *UserSecretData) *Signature {
  159. // s = b^-1 s' + c
  160. binv := new(big.Int).ModInverse(u.B, N)
  161. bs := new(big.Int).Mul(binv, sBlind)
  162. s := new(big.Int).Add(bs, u.C)
  163. s = new(big.Int).Mod(s, N)
  165. return &Signature{
  166. S: s,
  167. F: u.F,
  168. }
  169. }
  171. // Verify checks the signature of the message m for the given PublicKey
  172. func Verify(m *big.Int, signature *Signature, q *PublicKey) bool {
  173. // TODO add pending checks
  174. sG := G.Mul(signature.S) // sG
  176. r := new(big.Int).Mod(signature.F.X, N) // r = Fx mod N
  177. rm := new(big.Int).Mul(r, m)
  178. rm = new(big.Int).Mod(rm, N)
  179. rmQ := q.Point().Mul(rm)
  180. rmQF := rmQ.Add(signature.F) // rmQ + F
  182. // check sG == rmQ + F
  183. if bytes.Equal(sG.X.Bytes(), rmQF.X.Bytes()) &&
  184. bytes.Equal(sG.Y.Bytes(), rmQF.Y.Bytes()) {
  185. return true
  186. }
  187. return false
  188. }