github.com/dusk-network/dusk-crypto@v0.1.3/README.md

## dusk-crypto: Cryptography Module

### Overview

#### BN-256
Optimal ate pairing over 256-bit Barreto-Naehrig curves, providing approximately 96 bits of security [1]. The Dusk Network BN-256 library can be found [here](https://github.com/dusk-network/bn256).

#### BLS
Boneh-Lynn-Shacham signatures use BN256 to provide a short, aggregatable signature scheme [2]. Because signatures are elements of an elliptic curve, they are short, and because elliptic curves do not have a ring structure, they are not susceptible to index-calculus attacks. The Dusk Network BLS library provides the full implementation of the next-generation BLS multisignature with public key aggregation [3]. This improves on the previous algorithm by providing:

* protection versus rogue-key attack.
* aggregation of multiple public keys.
* aggregation of multiple signatures.
* a method for hashing to the curve.
* (multi-) signature compression and compression verification

#### bLSAG
A linkable ring signature scheme whose security is based on the Discrete Logarithm Problem [4]. The signature size grows linearly with the number of members in the ring. This is a zero-knowledge proof where we prove that at most one member from the ring has signed a given message from the provided public keys, without revealing which member has signed.

#### Range Proof
A proof that an element x is within a discrete set [0, 2^N], where in our case N is 64. This is a zero-knowledge proof, where we prove that this element is within the given range without providing any extra information. This specific range proof uses the Bulletproof protocol [5], which uses an inner product proof of knowledge to compress the final vectors. Due to the inner product, the range proof grows logarithmically with N.

### References
[1] Naehrig, M.; Niederhagen, R.; Schwabe, P. (2010). New software speed records for cryptographic pairings. Link: https://cryptojedi.org/papers/dclxvi-20100714.pdf

[2] Boneh, D.; Lynn, B.; Shacham, H. (2016). Short signatures from the Weil pairing. Link: https://www.iacr.org/archive/asiacrypt2001/22480516.pdf

[3] Boneh, D.; Drijvers, M.; Neven, G. (2018). Compact Multi-Signatures for Smaller Blockchains. Link: https://eprint.iacr.org/2018/483.pdf

[4] Back, A. (2015). Ring signature efficiency. Link: https://bitcointalk.org/index.php?topic=972541

[5] Bünz, B.; Bootle, J.; Boneh, D.; Poelstra, A.; Wuille, P.; Maxwell, G. (2017). Bulletproofs: Short Proofs for Confidential Transactions and More. Link: https://eprint.iacr.org/2017/1066.pdf
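
For the Range Proof section above, an added example (not code from dusk-crypto; the type and function names are hypothetical) of the bit-decomposition witness that the Bulletproof protocol [5] proves knowledge of, and of the halving rounds behind the logarithmic proof size. It works on plain integers rather than committed field elements, so it checks the relations but hides nothing.

```go
package main

import (
	"fmt"
	"math/bits"
)

// Witness holds the two vectors a range proof commits to (hypothetical type, not dusk-crypto's API).
type Witness struct {
	AL []int64 // bits of v, least significant first
	AR []int64 // AL - 1 component-wise: each entry is 0 or -1
}

// Decompose builds the n-bit witness for v (n <= 64).
func Decompose(v uint64, n int) Witness {
	w := Witness{AL: make([]int64, n), AR: make([]int64, n)}
	for i := range w.AL {
		w.AL[i] = int64((v >> uint(i)) & 1)
		w.AR[i] = w.AL[i] - 1
	}
	return w
}

// Satisfies checks the relations the proof establishes in zero knowledge:
// AL ∘ AR = 0, AR = AL - 1^n (together forcing bits), and <AL, 2^n> = v.
func Satisfies(w Witness, v uint64) bool {
	if len(w.AL) != len(w.AR) {
		return false
	}
	var sum uint64
	for i := range w.AL {
		if w.AL[i]*w.AR[i] != 0 || w.AR[i] != w.AL[i]-1 {
			return false
		}
		sum += uint64(w.AL[i]) << uint(i)
	}
	return sum == v
}

// IPARounds returns how often the inner-product argument halves length-n vectors (n a power of two)
// and how many L/R points that adds to the proof (two per round).
func IPARounds(n int) (rounds, points int) {
	rounds = bits.Len(uint(n)) - 1
	return rounds, 2 * rounds
}

func main() {
	r, p := IPARounds(64) // 44 and 300 below are constructed sample values
	fmt.Println(Satisfies(Decompose(44, 64), 44), Satisfies(Decompose(300, 8), 300), r, p)
}
```

A value that does not fit in n bits (300 with n = 8) has no witness satisfying all three relations, which is what makes the proof a range check.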