Browse Source

Update interface

pull/1/head
arnaucube 4 years ago
parent
commit
becff7b647
10 changed files with 75 additions and 131 deletions
  1. +14
    -12
      README.md
  2. +13
    -37
      blindsecp256k1.go
  3. +15
    -13
      blindsecp256k1_test.go
  4. +1
    -1
      go.mod
  5. +0
    -2
      go.sum
  6. +9
    -35
      v0/blindsecp256k1v0.go
  7. +14
    -12
      v0/blindsecp256k1v0_test.go
  8. +4
    -14
      wasm/blindsecp256k1-wasm.go
  9. BIN
      wasm/webtest/blindsecp256k1.wasm
  10. +5
    -5
      wasm/webtest/index.js

+ 14
- 12
README.md

@ -7,24 +7,26 @@ Blind signature over [secp256k1](https://en.bitcoin.it/wiki/Secp256k1), based on
## Usage
```go
// message to be signed
msg := new(big.Int).SetBytes([]byte("test"))
// signer: create new signer key pair
sk := NewPrivateKey()
signerPubK := sk.Public()
// create new signer
signerPrivateData := blindsecp256k1.NewSigner()
signerPublicData := signerPrivateData.PublicData()
// signer: when user requests new R parameter to blind a new msg,
// create new signerR (public) with its secret k
k, signerR := NewRequestParameters()
// user blinds the msg
msgBlinded, user := blindsecp256k1.Blind(msg, signerPublicData)
// user: blinds the msg using signer's R
msg := new(big.Int).SetBytes([]byte("test"))
msgBlinded, userSecretData := Blind(msg, signerR)
// signer signs the blinded message
sBlind := signerPrivateData.BlindSign(msgBlinded)
// signer: signs the blinded message using its private key & secret k
sBlind := sk.BlindSign(msgBlinded, k)
// user unblinds the blinded signature
sig := blindsecp256k1.Unblind(sBlind, msg, user)
// user: unblinds the blinded signature
sig := Unblind(sBlind, msg, userSecretData)
// signature can be verified with signer PublicKey
verified := blindsecp256k1.Verify(msg, sig, signerPublicData.Q)
verified := Verify(msg, sig, signerPubK)
assert.True(t, verified)
```

+ 13
- 37
blindsecp256k1.go

@ -94,46 +94,20 @@ func (pk *PublicKey) Point() *Point {
return (*Point)(pk)
}
// SignerPrivateData contains the secret values from the Signer
type SignerPrivateData struct {
D *PrivateKey
K *big.Int
}
// SignerPublicData contains the public values from the Signer (generated from
// its SignerPrivateData)
type SignerPublicData struct {
// Q is the Signer Public Key
Q *PublicKey // = skG
R *Point // = kG
}
// NewSigner returns a new SignerPrivateData with random D & K
func NewSigner() *SignerPrivateData {
sk := NewPrivateKey()
// NewRequestParameters returns a new random k (secret) & R (public) parameters
func NewRequestParameters() (*big.Int, *Point) {
k := newRand()
return &SignerPrivateData{
D: sk,
K: k,
}
return k, G.Mul(k) // R = kG
}
// PublicData returns the SignerPublicData from the SignerPrivateData
func (signer *SignerPrivateData) PublicData() *SignerPublicData {
return &SignerPublicData{
Q: signer.D.Public(), // Q = dG
R: G.Mul(signer.K), // R = kG
}
}
// BlindSign performs the blind signature on the given mBlinded using
// SignerPrivateData values
func (signer *SignerPrivateData) BlindSign(mBlinded *big.Int) *big.Int {
// BlindSign performs the blind signature on the given mBlinded using the
// PrivateKey and the secret k values
func (sk *PrivateKey) BlindSign(mBlinded *big.Int, k *big.Int) *big.Int {
// TODO add pending checks
// s' = dm' + k
sBlind := new(big.Int).Add(
new(big.Int).Mul(signer.D.BigInt(), mBlinded),
signer.K)
new(big.Int).Mul(sk.BigInt(), mBlinded),
k)
return sBlind
}
@ -146,17 +120,19 @@ type UserSecretData struct {
F *Point // public (in the paper is R)
}
// Blind performs the blinding operation on m using SignerPublicData parameters
func Blind(m *big.Int, signer *SignerPublicData) (*big.Int, *UserSecretData) {
// Blind performs the blinding operation on m using signerR parameter
func Blind(m *big.Int, signerR *Point) (*big.Int, *UserSecretData) {
u := &UserSecretData{}
u.A = newRand()
u.B = newRand()
// (R) F = aR' + bG
aR := signer.R.Mul(u.A)
aR := signerR.Mul(u.A)
bG := G.Mul(u.B)
u.F = aR.Add(bG)
// TODO check that F != O (point at infinity)
rx := new(big.Int).Mod(u.F.X, N)
// m' = a^-1 rx h(m)

+ 15
- 13
blindsecp256k1_test.go

@ -8,23 +8,25 @@ import (
)
func TestFlow(t *testing.T) {
// message to be signed
msg := new(big.Int).SetBytes([]byte("test"))
// signer: create new signer key pair
sk := NewPrivateKey()
signerPubK := sk.Public()
// create new signer
signerPrivateData := NewSigner()
signerPublicData := signerPrivateData.PublicData()
// signer: when user requests new R parameter to blind a new msg,
// create new signerR (public) with its secret k
k, signerR := NewRequestParameters()
// user blinds the msg
msgBlinded, user := Blind(msg, signerPublicData)
// user: blinds the msg using signer's R
msg := new(big.Int).SetBytes([]byte("test"))
msgBlinded, userSecretData := Blind(msg, signerR)
// signer signs the blinded message
sBlind := signerPrivateData.BlindSign(msgBlinded)
// signer: signs the blinded message using its private key & secret k
sBlind := sk.BlindSign(msgBlinded, k)
// user unblinds the blinded signature
sig := Unblind(sBlind, msg, user)
// user: unblinds the blinded signature
sig := Unblind(sBlind, msg, userSecretData)
// signature can be verified with signer PublicKey (Q)
verified := Verify(msg, sig, signerPublicData.Q)
// signature can be verified with signer PublicKey
verified := Verify(msg, sig, signerPubK)
assert.True(t, verified)
}

+ 1
- 1
go.mod

@ -1,4 +1,4 @@
module blindsecp256k1
module github.com/arnaucube/go-blindsecp256k1
go 1.14

+ 0
- 2
go.sum

@ -20,7 +20,6 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy
github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
github.com/allegro/bigcache v1.2.1-0.20190218064605-e24eb225f156/go.mod h1:Cb/ax3seSYIx7SuZdm2G2xzfwmv3TPSk2ucNfQESPXM=
github.com/aristanetworks/goarista v0.0.0-20170210015632-ea17b1a17847/go.mod h1:D/tb0zPVXnP7fmsLZjtdUhSsumbK/ij54UXjjVgMGxQ=
github.com/arnaucube/go-blindsecp256k1 v0.0.0-20210110223224-c3e4afc55292 h1:IDrJ98Pv07YozWvwigwK9ygJBa6zsB+H5sHGWLJTrX8=
github.com/aws/aws-sdk-go v1.25.48/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/btcsuite/btcd v0.0.0-20171128150713-2e60448ffcc6 h1:Eey/GGQ/E5Xp1P2Lyx1qj007hLZfbi0+CoVeJruGCtI=
@ -30,7 +29,6 @@ github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghf
github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
github.com/cloudflare/cloudflare-go v0.10.2-0.20190916151808-a80f83b9add9/go.mod h1:1MxXX1Ux4x6mqPmjkUgTP1CdXIBXKX7T+Jk9Gxrmx+U=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

+ 9
- 35
v0/blindsecp256k1v0.go

@ -93,46 +93,20 @@ func (pk *PublicKey) Point() *Point {
return (*Point)(pk)
}
// SignerPrivateData contains the secret values from the Signer
type SignerPrivateData struct {
D *PrivateKey
K *big.Int
}
// SignerPublicData contains the public values from the Signer (generated from
// its SignerPrivateData)
type SignerPublicData struct {
// Q is the Signer Public Key
Q *PublicKey // = skG
R *Point // = kG
}
// NewSigner returns a new SignerPrivateData with random D & K
func NewSigner() *SignerPrivateData {
sk := NewPrivateKey()
// NewRequestParameters returns a new random k (secret) & R (public) parameters
func NewRequestParameters() (*big.Int, *Point) {
k := newRand()
return &SignerPrivateData{
D: sk,
K: k,
}
}
// PublicData returns the SignerPublicData from the SignerPrivateData
func (signer *SignerPrivateData) PublicData() *SignerPublicData {
return &SignerPublicData{
Q: signer.D.Public(), // Q = dG
R: G.Mul(signer.K), // R = kG
}
return k, G.Mul(k) // R = kG
}
// BlindSign performs the blind signature on the given mBlinded using
// SignerPrivateData values
func (signer *SignerPrivateData) BlindSign(mBlinded *big.Int) *big.Int {
func (sk *PrivateKey) BlindSign(mBlinded *big.Int, k *big.Int) *big.Int {
// TODO add pending checks
// s' = d(m') + k
sBlind := new(big.Int).Add(
new(big.Int).Mul(signer.D.BigInt(), mBlinded),
signer.K)
new(big.Int).Mul(sk.BigInt(), mBlinded),
k)
return sBlind
}
@ -147,7 +121,7 @@ type UserSecretData struct {
}
// Blind performs the blinding operation on m using SignerPublicData parameters
func Blind(m *big.Int, signer *SignerPublicData) (*big.Int, *UserSecretData) {
func Blind(m *big.Int, signerPubK *PublicKey, signerR *Point) (*big.Int, *UserSecretData) {
u := &UserSecretData{}
u.A = newRand()
u.B = newRand()
@ -155,10 +129,10 @@ func Blind(m *big.Int, signer *SignerPublicData) (*big.Int, *UserSecretData) {
binv := new(big.Int).ModInverse(u.B, N)
// F = b^-1 R + a b^-1 Q + c G
bR := signer.R.Mul(binv)
bR := signerR.Mul(binv)
abinv := new(big.Int).Mul(u.A, binv)
abinv = new(big.Int).Mod(abinv, N)
abQ := signer.Q.Point().Mul(abinv)
abQ := signerPubK.Point().Mul(abinv)
cG := G.Mul(u.C)
u.F = bR.Add(abQ).Add(cG)
// TODO check F==O

+ 14
- 12
v0/blindsecp256k1v0_test.go

@ -8,23 +8,25 @@ import (
)
func TestFlow(t *testing.T) {
// message to be signed
msg := new(big.Int).SetBytes([]byte("test"))
// signer: create new signer key pair
sk := NewPrivateKey()
signerPubK := sk.Public()
// create new signer
signerPrivateData := NewSigner()
signerPublicData := signerPrivateData.PublicData()
// signer: when user requests new R parameter to blind a new msg,
// create new signerR (public) with its secret k
k, signerR := NewRequestParameters()
// user blinds the msg
msgBlinded, user := Blind(msg, signerPublicData)
// user: blinds the msg using signer's R
msg := new(big.Int).SetBytes([]byte("test"))
msgBlinded, userSecretData := Blind(msg, signerPubK, signerR)
// signer signs the blinded message
sBlind := signerPrivateData.BlindSign(msgBlinded)
// signer: signs the blinded message using its private key & secret k
sBlind := sk.BlindSign(msgBlinded, k)
// user unblinds the blinded signature
sig := Unblind(sBlind, msg, user)
// user: unblinds the blinded signature
sig := Unblind(sBlind, msg, userSecretData)
// signature can be verified with signer PublicKey (Q)
verified := Verify(msg, sig, signerPublicData.Q)
verified := Verify(msg, sig, signerPubK)
assert.True(t, verified)
}

+ 4
- 14
wasm/blindsecp256k1-wasm.go

@ -57,8 +57,7 @@ func blindv0(this js.Value, values []js.Value) interface{} {
Y: signerRy,
}
signer := &blindsecp256k1v0.SignerPublicData{signerQ, signerR}
mBlinded, user := blindsecp256k1v0.Blind(m, signer)
mBlinded, user := blindsecp256k1v0.Blind(m, signerQ, signerR)
r := make(map[string]interface{})
r["mBlinded"] = mBlinded.String()
@ -108,28 +107,19 @@ func unblindv0(this js.Value, values []js.Value) interface{} {
}
func blind(this js.Value, values []js.Value) interface{} {
mStr := values[0].String()
signerQxStr := values[1].String()
signerQyStr := values[2].String()
signerRxStr := values[3].String()
signerRyStr := values[4].String()
signerRxStr := values[1].String()
signerRyStr := values[2].String()
m := stringToBigInt(mStr)
signerQx := stringToBigInt(signerQxStr)
signerQy := stringToBigInt(signerQyStr)
signerRx := stringToBigInt(signerRxStr)
signerRy := stringToBigInt(signerRyStr)
signerQ := &blindsecp256k1.PublicKey{
X: signerQx,
Y: signerQy,
}
signerR := &blindsecp256k1.Point{
X: signerRx,
Y: signerRy,
}
signer := &blindsecp256k1.SignerPublicData{signerQ, signerR}
mBlinded, user := blindsecp256k1.Blind(m, signer)
mBlinded, user := blindsecp256k1.Blind(m, signerR)
r := make(map[string]interface{})
r["mBlinded"] = mBlinded.String()

BIN
wasm/webtest/blindsecp256k1.wasm


+ 5
- 5
wasm/webtest/index.js

@ -2,15 +2,15 @@ function test() {
let m = "1952805748";
console.log("using: https://sci-hub.do/10.1109/ICCKE.2013.6682844");
// Q & R would be received from the Signer
let signerQx = "26613296432153871833441195158297038913673464785502568519907582377915678491093";
let signerQy = "81940194042971427014176158889809922552127995083760111384335138546589994227275";
// R would be received from the Signer
let signerRx = "59371873487402651110657306418818354906476102545298559461791300717696053835454";
let signerRy = "98322875246066710654579302898391677189379767946198239290895789444110962324342";
let blindRes = blind(m, signerQx, signerQy, signerRx, signerRy);
let blindRes = blind(m, signerRx, signerRy);
console.log("blind", blindRes);
// sBlind would be received from the Signer
// Q & sBlind would be received from the Signer
let signerQx = "26613296432153871833441195158297038913673464785502568519907582377915678491093";
let signerQy = "81940194042971427014176158889809922552127995083760111384335138546589994227275";
let sBlind = "7240298625621589352655632414257224668430424461224914067754717095121139699933353374227084479180038954015287518505167995306229258561275087198611946596619855";
let unblindRes = unblind(sBlind, m, blindRes.uA, blindRes.uB, blindRes.uFx, blindRes.uFy);
console.log("unblind", unblindRes);

Loading…
Cancel
Save