pub struct Avk<H>
where
    H: Digest,
{ /* private fields */ }
An ATMS aggregate key, Avk, contains a vector commitment (a Merkle tree commitment) to the
keys of all eligible signers, together with the aggregated key. Any third party with access
to the public keys of all eligible signers can generate the aggregate key; no secret material
is needed.
Let $Es$ be the set of eligible signers and $\mathcal{VK} = \lbrace vk_i\rbrace_{i\in Es}$ their public keys. Writing $\langle \mathcal{VK}\rangle$ for the vector commitment to $\mathcal{VK}$,
$$ avk = \left(\sum_{i\in Es}vk_i, \langle \mathcal{VK}\rangle\right) $$
In order to generate an Avk, it is necessary to previously produce a valid registration
of all eligible signers. This guarantees that an Avk is only generated from keys
with a valid proof of possession. Otherwise, an adversary that chooses its key after seeing
the honest keys could mount what is known as the "rogue key attack": it picks a key that
cancels the honest ones out of the sum, so that the aggregate key is one whose secret the
adversary knows.
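The following is an added illustration of the rogue-key attack and of why registration gates aggregation on proofs of possession; it is not code from the ATMS crate. To run without a pairing library it uses a toy multiplicative group, the integers modulo the prime $p = 10^9+7$ with generator $g = 5$ (assumed parameters, not secure ones), so the page's sum $\sum_i vk_i$ appears as a product. The proof of possession is a Schnorr-style proof of knowledge of the secret key with a toy challenge function; ATMS itself uses BLS12-381 keys and a BLS-based proof of possession, and the names `rogue_key`, `prove_possession` and `aggregate_registered` are this example's own.

```rust
use std::u64;

const P: u64 = 1_000_000_007; // toy prime modulus (assumption; not a secure parameter)
const G: u64 = 5;             // toy generator
const Q: u64 = P - 1;         // g^(p-1) = 1 (Fermat), so exponents reduce mod p-1

fn mul_mod(a: u64, b: u64) -> u64 {
    ((a as u128 * b as u128) % (P as u128)) as u64
}

fn pow_mod(mut base: u64, mut exp: u64) -> u64 {
    let mut acc = 1u64;
    base %= P;
    while exp > 0 {
        if exp & 1 == 1 {
            acc = mul_mod(acc, base);
        }
        base = mul_mod(base, base);
        exp >>= 1;
    }
    acc
}

/// Modular inverse by Fermat's little theorem: a^(p-2) mod p.
fn inv_mod(a: u64) -> u64 {
    pow_mod(a, P - 2)
}

/// Verification key of a secret key: vk = g^sk.
fn vk_of(sk: u64) -> u64 {
    pow_mod(G, sk)
}

/// Naive aggregation: the product of the keys, i.e. the page's sum over vk_i written
/// multiplicatively. This is what a verifier recomputes to check an Avk.
fn aggregate(vks: &[u64]) -> u64 {
    vks.iter().fold(1u64, |acc, &vk| mul_mod(acc, vk))
}

/// Rogue key: vk_adv = g^t * (prod of honest vk_i)^-1 for an adversary-chosen t.
/// Aggregated with the honest keys it cancels them, leaving avk = g^t.
fn rogue_key(honest_vks: &[u64], t: u64) -> u64 {
    mul_mod(pow_mod(G, t), inv_mod(aggregate(honest_vks)))
}

/// Toy Fiat-Shamir challenge (assumption: a fixed mixing function truncated to
/// 28 bits, NOT a cryptographic hash; a real scheme uses a proper hash).
fn challenge(commitment: u64, vk: u64) -> u64 {
    let mixed = (commitment as u128).wrapping_mul(0x9E37_79B9_7F4A_7C15) ^ (vk as u128);
    ((mixed % (1u128 << 28)) + 1) as u64
}

/// Schnorr-style proof of possession for `vk`: (R, s) = (g^r, r + c*sk mod Q).
/// It verifies only if sk really is log_g(vk). `r` is the prover's nonce.
fn prove_possession(vk: u64, sk: u64, r: u64) -> (u64, u64) {
    let commitment = pow_mod(G, r);
    let c = challenge(commitment, vk);
    let s = ((r as u128 + c as u128 * sk as u128) % (Q as u128)) as u64;
    (commitment, s)
}

fn verify_possession(vk: u64, pop: (u64, u64)) -> bool {
    let (commitment, s) = pop;
    let c = challenge(commitment, vk);
    pow_mod(G, s) == mul_mod(commitment, pow_mod(vk, c))
}

/// The registration gate: refuse to aggregate any key that lacks a valid PoP.
fn aggregate_registered(keys: &[(u64, (u64, u64))]) -> Result<u64, &'static str> {
    let mut vks = Vec::with_capacity(keys.len());
    for &(vk, pop) in keys {
        if !verify_possession(vk, pop) {
            return Err("invalid proof of possession");
        }
        vks.push(vk);
    }
    Ok(aggregate(&vks))
}

fn main() {
    let honest_sks = [12_345u64, 67_890, 24_680]; // constructed sample secrets
    let honest_vks: Vec<u64> = honest_sks.iter().map(|&sk| vk_of(sk)).collect();
    let t = 4_242u64;
    let rogue = rogue_key(&honest_vks, t);
    let mut all = honest_vks.clone();
    all.push(rogue);
    // Without the gate the adversary controls the aggregate: avk == g^t.
    println!("naive avk == g^t: {}", aggregate(&all) == pow_mod(G, t));
    // With the gate, the only exponent the adversary knows (t) does not prove rogue.
    let bogus = prove_possession(rogue, t, 777);
    println!("bogus PoP accepted: {}", verify_possession(rogue, bogus));
}
```

The secret key that would pass the gate for the rogue key is $t - \sum_i sk_i$, which the adversary cannot compute without the honest secret keys; the test below confirms that identity and that the gate rejects the adversary's best attempt while accepting honest keys.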
Implementations

impl<H> Avk<H>
where
    H: Digest + FixedOutput,

pub fn check(&self, keys: &[PublicKeyPoP]) -> Result<(), AtmsError>
To verify the correctness of a key aggregation, one recomputes the aggregation for the given set of keys (verifying each key's proof of possession along the way) and checks that the result matches the expected value.

Error

The function returns AtmsError::InvalidPoP if one of the proofs of possession is invalid,
and AtmsError::RegisterExistingKey if the input slice contains a repeated key.
Example

```rust
// Doc example from the page, with the doc-test scaffolding made explicit. SigningKey,
// PublicKeyPoP, Registration and AtmsError come from the ATMS crate; Blake2b from the
// `blake2` crate and OsRng from `rand_core` must be in scope.
fn main() -> Result<(), AtmsError> {
    let n = 10; // nr of eligible signers
    let threshold: usize = n - ((n - 1) / 3); // signing quorum; not needed by `check` itself
    let mut rng = OsRng;
    let mut keyspop: Vec<PublicKeyPoP> = Vec::with_capacity(n);
    for _ in 0..n {
        let sk = SigningKey::gen(&mut rng);
        let pkpop = PublicKeyPoP::from(&sk);
        keyspop.push(pkpop);
    }
    // Registration verifies every proof of possession and rejects duplicate keys.
    let atms_registration = Registration::<Blake2b>::new(&keyspop)?;
    // Recomputing the aggregation over the same keys must match the Avk.
    assert!(atms_registration.to_avk().check(&keyspop).is_ok());
    Ok(())
}
```

pub fn to_bytes(&self) -> Vec<u8>
Convert an Avk to a byte string of size $48 + 8 + S$ bytes, where $S$ is the output size of the
hash function $H$.

Layout

The layout of an Avk is
- Aggregate key (48 bytes)
- Nr of parties (8 bytes)
- Merkle tree commitment ($S$ bytes)
pub fn from_bytes(bytes: &[u8]) -> Result<Self, AtmsError>

Try to convert a byte string to an Avk. Deserialization only checks that the bytes are
well-formed; it cannot tell whether the aggregate key was built from registered keys with
valid proofs of possession. This function must therefore be used in a setting where there
exists a source of truth, and the verifier can check that the provided Avk is valid (e.g.
through a signature of a trusted authority).

Error

The function fails if the byte string does not decode to a well-formed Avk.
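As an added example of the byte layout described above (not the crate's own `to_bytes`/`from_bytes`), the following codec serialises and parses the three fields with the stated sizes and rejects inputs of the wrong length. It assumes a big-endian party count (the page fixes only its size, not its byte order) and treats the 48-byte aggregate key as opaque bytes, whereas the real `from_bytes` must also decode it as a valid group element; `AvkLayout` and `LayoutError` are names chosen for this example.

```rust
use std::convert::TryInto;

const AGG_KEY_LEN: usize = 48;   // compressed aggregate key
const NR_PARTIES_LEN: usize = 8; // u64 party count

/// Byte-level view of an Avk; `S` is the hash output size (64 for Blake2b).
#[derive(Debug, Clone, PartialEq, Eq)]
struct AvkLayout<const S: usize> {
    aggregate_key: [u8; AGG_KEY_LEN],
    nr_parties: u64,
    commitment: [u8; S],
}

#[derive(Debug, PartialEq, Eq)]
enum LayoutError {
    WrongLength { expected: usize, got: usize },
}

impl<const S: usize> AvkLayout<S> {
    const TOTAL_LEN: usize = AGG_KEY_LEN + NR_PARTIES_LEN + S;

    /// aggregate key || nr of parties (big-endian, assumed) || Merkle commitment
    fn to_bytes(&self) -> Vec<u8> {
        let mut out = Vec::with_capacity(Self::TOTAL_LEN);
        out.extend_from_slice(&self.aggregate_key);
        out.extend_from_slice(&self.nr_parties.to_be_bytes());
        out.extend_from_slice(&self.commitment);
        out
    }

    /// Length-checked parse. This proves nothing about the keys behind the
    /// aggregate: the caller still needs a trusted source for the Avk itself.
    fn from_bytes(bytes: &[u8]) -> Result<Self, LayoutError> {
        if bytes.len() != Self::TOTAL_LEN {
            return Err(LayoutError::WrongLength {
                expected: Self::TOTAL_LEN,
                got: bytes.len(),
            });
        }
        let (key, rest) = bytes.split_at(AGG_KEY_LEN);
        let (count, commitment) = rest.split_at(NR_PARTIES_LEN);
        let mut aggregate_key = [0u8; AGG_KEY_LEN];
        aggregate_key.copy_from_slice(key);
        let nr_parties = u64::from_be_bytes(count.try_into().expect("length checked above"));
        let mut commitment_arr = [0u8; S];
        commitment_arr.copy_from_slice(commitment);
        Ok(Self {
            aggregate_key,
            nr_parties,
            commitment: commitment_arr,
        })
    }
}

fn main() {
    // Constructed sample values; a real aggregate key would be a group element.
    let avk = AvkLayout::<64> {
        aggregate_key: [0x11; AGG_KEY_LEN],
        nr_parties: 10,
        commitment: [0xAB; 64],
    };
    let bytes = avk.to_bytes();
    println!("encoded length: {} bytes", bytes.len());
    println!("round trip ok: {}", AvkLayout::<64>::from_bytes(&bytes) == Ok(avk));
    println!("truncated: {:?}", AvkLayout::<64>::from_bytes(&bytes[..bytes.len() - 1]));
}
```

For Blake2b ($S = 64$) the encoding is exactly 120 bytes; anything shorter or longer is refused before any field is interpreted.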