arnaucube/math
1
1
Fork 0
mirror of https://github.com/arnaucube/math.git synced 2026-01-10 16:01:31 +01:00
Code Issues Projects Releases Wiki Activity

paper-notes: add BLS signatures notes

Browse Source
This commit is contained in:
arnaucube
2022-07-16 16:42:36 +02:00
parent 1d65a57e49
commit 9bdd887377
3 changed files with 49 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
paper-notes.bib
View File

@@ -23,3 +23,11 @@
note = {\url{https://www.iacr.org/archive/asiacrypt2010/6477178/6477178.pdf}}, note = {\url{https://www.iacr.org/archive/asiacrypt2010/6477178/6477178.pdf}},
url = {https://www.iacr.org/archive/asiacrypt2010/6477178/6477178.pdf} url = {https://www.iacr.org/archive/asiacrypt2010/6477178/6477178.pdf}
} }
@misc{bls-sig-eth2,
author = {Eth2.0},
title = {Eth2.0 book - BLS signatures},
year = {2010},
note = {\url{https://eth2book.info/altair/part2/building_blocks/signatures}},
url = {https://eth2book.info/altair/part2/building_blocks/signatures}
}

BIN
paper-notes.pdf
View File

Binary file not shown.

41
paper-notes.tex
View File

@@ -193,6 +193,47 @@ where $\sigma_j$ is the fixed polynomial permutation, and $\phi_{j, i} \in \math
\framebox{WIP} \framebox{WIP}
\vspace{1cm} \vspace{1cm}
\section{BLS signatures}
Notes taken while reading about BLS signatures \cite{bls-sig-eth2}.
\paragraph{Key generation}
$sk \in \mathbb{Z}_q$, $pk = [sk] \cdot g_1$, where $g_1 \in G_1$, and is the generator.
\paragraph{Signature}
$$\sigma = [sk] \cdot H(m)$$
where $H$ is a function that maps to a point in $G_2$. So $H(m), \sigma \in G_2$.
\paragraph{Verification}
$$e(g_1, \sigma) == e(pk, H(m))$$
Unfold:
$$e(pk, H(m)) = e([sk] \cdot g_1, H(m) = e(g_1, H(m))^{sk} = e(g_1, [sk] \cdot H(m)) = e(g_1, \sigma))$$
\paragraph{Aggregation}
Signatures aggregation:
$$\sigma_{aggr} = \sigma_1 + \sigma_2 + \ldots + \sigma_n$$
where $\sigma_{aggr} \in G_2$, and an aggregated signatures is indistinguishible from a non-aggregated signature.
\paragraph{Public keys aggregation}
$$pk_{aggr} = pk_1 + pk_2 + \ldots + pk_n$$
where $pk_{aggr} \in G_1$, and an aggregated public keys is indistinguishible from a non-aggregated public key.
\paragraph{Verification of aggregated signatures}
Identical to verification of a normal signature as long as we use the same corresponding aggregated public key:
$$e(g_1, \sigma_{aggr})==e(pk_{aggr}, H(m))$$
Unfold:
$$e(pk_{aggr}, H(m))=e(pk_1 + pk_2 + \ldots + pk_n, H(m))=$$
$$=e([sk_1] \cdot g_1 + [sk_2] \cdot g_1 + \ldots + [sk_n] \cdot g_1, H(m))=$$
$$=e([sk_1 + sk_2 + \ldots + sk_n] \cdot g_1, H(m))=$$
$$=e(g_1, H(m))^{(sk_1 + sk_2 + \ldots + sk_n)}=$$
$$=e(g_1, [sk_1 + sk_2 + \ldots + sk_n] \cdot H(m))=$$
$$=e(g_1, [sk_1] \cdot H(m) + [sk_2] \cdot H(m) + \ldots + [sk_n] \cdot H(m))=$$
$$=e(g_1, \sigma_1 + \sigma_2 + \ldots + \sigma_n)=e(g_1, \sigma_{aggr})$$
\bibliography{paper-notes.bib} \bibliography{paper-notes.bib}
\bibliographystyle{unsrt} \bibliographystyle{unsrt}