arnaucube
/
math
mirror of https://github.com/arnaucube/math.git
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22 Commits
2 Branches
0 Tags
33 MiB
Tree: 11e7cc5613
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '11e7cc5613'
${ noResults }
math/notes_bls-sig.tex

87 lines
2.6 KiB
Raw Normal View History

split paper notes files
1 year ago
Add pairings initial notes
1 year ago
split paper notes files
1 year ago
  1. \documentclass{article}
  2. \usepackage[utf8]{inputenc}
  3. \usepackage{amsfonts}
  4. \usepackage{amsthm}
  5. \usepackage{amsmath}
  6. \usepackage{enumerate}
  7. \usepackage{hyperref}
  8. \hypersetup{
  9. colorlinks,
  10. citecolor=black,
  11. filecolor=black,
  12. linkcolor=black,
  13. urlcolor=blue
  14. }
  15. \usepackage{xcolor}
  17. % prevent warnings of underfull \hbox:
  18. \usepackage{etoolbox}
  19. \apptocmd{\sloppy}{\hbadness 4000\relax}{}{}
  21. \theoremstyle{definition}
  22. \newtheorem{definition}{Def}[section]
  23. \newtheorem{theorem}[definition]{Thm}
  26. \title{Notes on BLS Signatures}
  27. \author{arnaucube}
  28. \date{}
  30. \begin{document}
  32. \maketitle
  34. \begin{abstract}
  35. Notes taken while reading about BLS signatures \cite{bls-sig-eth2}. Usually while reading papers I take handwritten notes, this document contains some of them re-written to $LaTeX$.
  37. The notes are not complete, don't include all the steps neither all the proofs.
  38. \end{abstract}
  40. % \tableofcontents
  42. \section{BLS signatures}
  44. \paragraph{Key generation}
  45. $sk \in \mathbb{Z}_q$, $pk = [sk] \cdot g_1$, where $g_1 \in G_1$, and is the generator.
  47. \paragraph{Signature}
  48. $$\sigma = [sk] \cdot H(m)$$
  49. where $H$ is a function that maps to a point in $G_2$. So $H(m), \sigma \in G_2$.
  51. \paragraph{Verification}
  52. $$e(g_1, \sigma) == e(pk, H(m))$$
  54. Unfold:
  55. $$e(pk, H(m)) = e([sk] \cdot g_1, H(m) = e(g_1, H(m))^{sk} = e(g_1, [sk] \cdot H(m)) = e(g_1, \sigma))$$
  57. \paragraph{Aggregation}
  58. Signatures aggregation:
  59. $$\sigma_{aggr} = \sigma_1 + \sigma_2 + \ldots + \sigma_n$$
  60. where $\sigma_{aggr} \in G_2$, and an aggregated signatures is indistinguishible from a non-aggregated signature.
  62. \vspace{0.5cm}
  63. Public keys aggregation:
  64. $$pk_{aggr} = pk_1 + pk_2 + \ldots + pk_n$$
  65. where $pk_{aggr} \in G_1$, and an aggregated public keys is indistinguishible from a non-aggregated public key.
  68. \paragraph{Verification of aggregated signatures}
  69. Identical to verification of a normal signature as long as we use the same corresponding aggregated public key:
  70. $$e(g_1, \sigma_{aggr})==e(pk_{aggr}, H(m))$$
  72. Unfold:
  73. $$\fbox{e(pk_{aggr}, H(m))}= e(pk_1 + pk_2 + \ldots + pk_n, H(m)) =$$
  74. $$=e([sk_1] \cdot g_1 + [sk_2] \cdot g_1 + \ldots + [sk_n] \cdot g_1, H(m))=$$
  75. $$=e([sk_1 + sk_2 + \ldots + sk_n] \cdot g_1, H(m))=$$
  76. $$=[sk_1 + sk_2 + \ldots + sk_n]~\cdot~e(g_1, H(m))=$$
  77. $$=e(g_1, [sk_1 + sk_2 + \ldots + sk_n] \cdot H(m))=$$
  78. $$=e(g_1, [sk_1] \cdot H(m) + [sk_2] \cdot H(m) + \ldots + [sk_n] \cdot H(m))=$$
  79. $$=e(g_1, \sigma_1 + \sigma_2 + \ldots + \sigma_n)= \fbox{e(g_1, \sigma_{aggr})}$$
  82. Note: in the current notes $pk \in G_1$ and $\sigma, H(m) \in G_2$, but we could use $\sigma, H(m) \in G_1$ and $pk \in G_2$.
  84. \bibliography{paper-notes.bib}
  85. \bibliographystyle{unsrt}
  87. \end{document}