This is the general interface for the discrete logarithm prime-order group.
First message from the prover (message a
of SigmaProtocol
)
common interface for both Prover and Verifier
Construct a new SigmaProp value representing public key of Diffie Hellman signature protocol.
Construct a new SigmaProp value representing public key of Diffie Hellman signature protocol. Common input: (g,h,u,v)
The message sent by a prover to its associated verifier as part of a sigma protocol interaction.
Second message from the prover (message z
of SigmaProtocol
)
Abstract template for sigma protocols.
Abstract template for sigma protocols. For details see the following book [1] Efficient Secure Two-Party Protocols - Techniques and Constructions, p.150)
Sigma Protocol transcript enough for verification
The message sent by a verifier to its associated prover as part of a sigma protocol interaction.
Helper extractor to match SigmaProp values and extract ProveDHTuple out of it.
This is the general interface for the discrete logarithm prime-order group. Every class in the DlogGroup family implements this interface.
The discrete logarithm problem is as follows: given a generator g of a finite group G and a random element h in G, find the (unique) integer x such that
g^x = h
.
In cryptography, we are interested in groups for which the discrete logarithm problem (Dlog for short) is assumed to be hard. The most known groups of that kind are some Elliptic curve groups.
Another issue pertaining elliptic curves is the need to find a suitable mapping that will convert an arbitrary message (that is some binary string) to an element of the group and vice-versa.
Only a subset of the messages can be effectively mapped to a group element in such a way that there is a one-to-one injection that converts the string to a group element and vice-versa.
On the other hand, any group element can be mapped to some string.
In this case, the operation is not invertible. This functionality is implemented by the functions:
encodeByteArrayToGroupElement(binaryString: Array[Byte]): ElemType
decodeGroupElementToByteArray(element: ElemType) : Array[Byte]
mapAnyGroupElementToByteArray(element: ElemType): Array[Byte]
The first two work as a pair and decodeGroupElementToByteArray is the inverse of encodeByteArrayToGroupElement, whereas the last one works alone and does not have an inverse.
is concrete type