Struct elastic_elgamal::ProofOfPossession
pub struct ProofOfPossession<G: Group> { /* private fields */ }
Zero-knowledge proof of possession of one or more secret scalars.
Construction
The proof is a generalization of the standard Schnorr protocol for proving knowledge of a discrete log. The difference from running several independent Schnorr instances side by side is that a single challenge is shared among all instances, which yields a ~2x reduction in proof size.
Implementation notes
- Proof generation is constant-time. Verification is not constant-time.
Examples
// Imports assumed by this snippet: `Ristretto`, `Keypair`, `ProofOfPossession` and
// `VerificationError` from this crate, `Transcript` from merlin, `thread_rng` from rand.
use elastic_elgamal::{group::Ristretto, Keypair, ProofOfPossession, VerificationError};
use merlin::Transcript;
use rand::thread_rng;

fn main() -> Result<(), VerificationError> {
    let mut rng = thread_rng();
    let keypairs: Vec<_> =
        (0..5).map(|_| Keypair::<Ristretto>::generate(&mut rng)).collect();

    // Prove possession of the generated key pairs.
    let proof = ProofOfPossession::new(
        &keypairs,
        &mut Transcript::new(b"custom_proof"),
        &mut rng,
    );
    proof.verify(
        keypairs.iter().map(Keypair::public),
        &mut Transcript::new(b"custom_proof"),
    )?;

    // If we change the context of the `Transcript`, the proof will not verify.
    assert!(proof
        .verify(
            keypairs.iter().map(Keypair::public),
            &mut Transcript::new(b"other_proof"),
        )
        .is_err());
    // Likewise if the public keys are reordered.
    assert!(proof
        .verify(
            keypairs.iter().rev().map(Keypair::public),
            &mut Transcript::new(b"custom_proof"),
        )
        .is_err());
    Ok(())
}
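To make the construction concrete, the following self-contained Rust program is an added example, not code from the elastic-elgamal crate: it reimplements the shared-challenge Schnorr protocol described above over a toy group and reproduces the three checks of the example (a valid proof verifies, a changed transcript context fails, reordered keys fail), and additionally shows the size saving, since the proof carries one challenge plus one response per key. Everything in it is an assumption of this example rather than the crate's API: the group is the multiplicative group modulo the Mersenne prime 2^61 - 1 instead of Ristretto, `ToyRng` stands in for a `CryptoRng`, `DefaultHasher` over a byte-string context stands in for `Transcript`, and a `&'static str` error stands in for `VerificationError`.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};
// Toy cyclic group: multiplicative group mod the Mersenne prime P = 2^61 - 1, with
// exponents reduced mod its order N = P - 1. Algebraically fine for the demo but NOT a
// secure group (composite order, far too small); the real crate uses Ristretto.
const P: u128 = (1u128 << 61) - 1;
const N: u128 = P - 1;
const G: u128 = 3;

fn modpow(mut base: u128, mut exp: u128) -> u128 {
    let mut acc = 1u128;
    base %= P;
    while exp > 0 {
        if exp & 1 == 1 {
            acc = acc * base % P;
        }
        base = base * base % P;
        exp >>= 1;
    }
    acc
}

// Placeholder for `CryptoRng + RngCore`: a deterministic xorshift64, not secure.
struct ToyRng(u64);

impl ToyRng {
    fn next_scalar(&mut self) -> u128 {
        let mut x = self.0;
        x ^= x << 13; x ^= x >> 7; x ^= x << 17;
        self.0 = x;
        (x as u128) % (N - 1) + 1
    }
}

#[derive(Clone, Copy, Debug)]
struct Keypair { secret: u128, public: u128 }

fn generate(rng: &mut ToyRng) -> Keypair {
    let secret = rng.next_scalar();
    Keypair { secret, public: modpow(G, secret) }
}

// Fiat-Shamir challenge bound to a context label, every public key and every commitment.
// Stands in for the `Transcript` argument; DefaultHasher is a toy, not a real hash.
fn challenge(context: &[u8], public_keys: &[u128], commitments: &[u128]) -> u128 {
    let mut h = DefaultHasher::new();
    context.hash(&mut h);
    public_keys.hash(&mut h);
    commitments.hash(&mut h);
    (h.finish() as u128) % N
}

// One challenge shared by all instances plus one response per key: n + 1 scalars
// instead of the 2n that n independent Schnorr proofs would carry.
#[derive(Clone, Debug)]
struct ProofOfPossession { challenge: u128, responses: Vec<u128> }

impl ProofOfPossession {
    fn new(keypairs: &[Keypair], context: &[u8], rng: &mut ToyRng) -> Self {
        let nonces: Vec<u128> = keypairs.iter().map(|_| rng.next_scalar()).collect();
        let commitments: Vec<u128> = nonces.iter().map(|&r| modpow(G, r)).collect();
        let public_keys: Vec<u128> = keypairs.iter().map(|k| k.public).collect();
        let c = challenge(context, &public_keys, &commitments);
        // s_i = r_i + c * x_i for every key, all using the single challenge c.
        let responses = nonces.iter().zip(keypairs).map(|(&r, k)| (r + c * k.secret) % N).collect();
        Self { challenge: c, responses }
    }

    fn verify(&self, public_keys: &[u128], context: &[u8]) -> Result<(), &'static str> {
        if public_keys.len() != self.responses.len() {
            return Err("number of public keys does not match number of responses");
        }
        // Recover R_i = g^s_i * pk_i^-c, which equals g^r_i exactly when s_i = r_i + c*x_i,
        // then re-derive the challenge from the same transcript inputs and compare.
        let commitments: Vec<u128> = self.responses.iter().zip(public_keys)
            .map(|(&s, &pk)| modpow(G, s) * modpow(pk, N - self.challenge) % P)
            .collect();
        if challenge(context, public_keys, &commitments) == self.challenge {
            Ok(())
        } else {
            Err("challenge mismatch: wrong keys, wrong order or wrong transcript context")
        }
    }

    fn scalar_count(&self) -> usize { 1 + self.responses.len() }
}

fn main() {
    let mut rng = ToyRng(0x9E37_79B9_7F4A_7C15);
    let keypairs: Vec<Keypair> = (0..5).map(|_| generate(&mut rng)).collect();
    let public_keys: Vec<u128> = keypairs.iter().map(|k| k.public).collect();
    let proof = ProofOfPossession::new(&keypairs, b"custom_proof", &mut rng);
    assert!(proof.verify(&public_keys, b"custom_proof").is_ok());
    assert!(proof.verify(&public_keys, b"other_proof").is_err());
    let reversed: Vec<u128> = public_keys.iter().rev().copied().collect();
    assert!(proof.verify(&reversed, b"custom_proof").is_err());
    println!("{} keys -> {} scalars in the proof", keypairs.len(), proof.scalar_count());
}
```

The verifier never sees the commitments: it recomputes them from the responses and public keys, so any change to the context label, the key set or the key order changes the recomputed challenge and the proof is rejected. This toy verifier, like the crate's, is not constant-time, which is acceptable because it only handles public data.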
Implementations
impl<G: Group> ProofOfPossession<G>
pub fn new<R: CryptoRng + RngCore>(
    keypairs: &[Keypair<G>],
    transcript: &mut Transcript,
    rng: &mut R
) -> Self
Creates a proof of possession with the specified keypairs.
pub fn verify<'a>(
    &self,
    public_keys: impl Iterator<Item = &'a PublicKey<G>> + Clone,
    transcript: &mut Transcript
) -> Result<(), VerificationError>
Verifies this proof against the provided public_keys. The keys must be supplied in the same order as the keypairs passed to new, and the transcript must carry the same context that was used when the proof was created (see the examples above).
Errors
Returns an error if this proof does not verify.
Trait Implementations
sourceimpl<G: Clone + Group> Clone for ProofOfPossession<G> where
G::Scalar: Clone,
G::Scalar: Clone,
impl<G: Clone + Group> Clone for ProofOfPossession<G> where
G::Scalar: Clone,
G::Scalar: Clone,
sourcefn clone(&self) -> ProofOfPossession<G>
fn clone(&self) -> ProofOfPossession<G>
Returns a copy of the value. Read more
1.0.0 · sourcefn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source
. Read more
sourceimpl<G: Debug + Group> Debug for ProofOfPossession<G> where
G::Scalar: Debug,
G::Scalar: Debug,
impl<G: Debug + Group> Debug for ProofOfPossession<G> where
G::Scalar: Debug,
G::Scalar: Debug,
sourceimpl<'de, G: Group> Deserialize<'de> for ProofOfPossession<G>
impl<'de, G: Group> Deserialize<'de> for ProofOfPossession<G>
sourcefn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
fn deserialize<__D>(__deserializer: __D) -> Result<Self, __D::Error> where
__D: Deserializer<'de>,
Deserialize this value from the given Serde deserializer. Read more
Auto Trait Implementations
impl<G> RefUnwindSafe for ProofOfPossession<G> where
<G as ScalarOps>::Scalar: RefUnwindSafe,
impl<G> Send for ProofOfPossession<G> where
<G as ScalarOps>::Scalar: Send,
impl<G> Sync for ProofOfPossession<G> where
<G as ScalarOps>::Scalar: Sync,
impl<G> Unpin for ProofOfPossession<G> where
<G as ScalarOps>::Scalar: Unpin,
impl<G> UnwindSafe for ProofOfPossession<G> where
<G as ScalarOps>::Scalar: UnwindSafe,
Blanket Implementations
impl<T> BorrowMut<T> for T where
    T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value.