Expand description
§Secret sharing and distributed key generation
Implements Secret Sharing (SS), Verifiable Secret Sharing (VSS), Distributed Verifiable Secret Sharing (DVSS), Distributed Key Generation (DKG) and Publicly Verifiable Secret Sharing (PVSS) algorithms. DVSS and DKG do not require a trusted dealer. Also implements a distributed discrete log check.
- Shamir secret sharing (Requires a trusted dealer)
- Pedersen Verifiable Secret Sharing
- Pedersen Distributed Verifiable Secret Sharing
- Feldman Verifiable Secret Sharing
- Feldman Distributed Verifiable Secret Sharing
- Gennaro DKG from the paper Secure Distributed Key Generation for Discrete-Log Based Cryptosystems
- Distributed Key Generation from FROST
- Distributed discrete log (DLOG) check
- Publicly Verifiable Secret Sharing
- Verifiable Secret Sharing using hash-commitments
Modules§
- abcp_
dkg - Distributed Key Generation protocol as described in Fig. 4 of the paper VSS from Distributed ZK Proofs and Applications
- abcp_
ni_ tzk_ extended - Generalization of the protocol for NI-TZK for discrete logarithms described in Fig 3 of the paper VSS from Distributed ZK Proofs and Applications
Fig 3. describes a protocol for the prover sharing its witness
xfor the relationh = g^xamongnparties such that a threshold number,t, of them can reconstructx. - baghery_
pvss - Publicly verifiable secret sharing protocols
- baghery_
vss - Verifiable Secret Sharing scheme inspired by Feldman’s, but using hash function for commitment instead of elliptic curve operations. By K. Baghery.
- common
- distributed_
dlog_ check - Distributed discrete log (DLOG) check
- error
- feldman_
dvss_ dkg - Feldman Distributed Verifiable secret sharing and distributed key generation.
- feldman_
vss - Feldman Verifiable Secret Sharing Scheme. Based on the paper A practical scheme for non-interactive verifiable secret sharing
The scheme works as follows for threshold
tand totaln: - frost_
dkg - This is the keygen implemented in the FROST paper in Figure 1. This is a slight addition to the DKG based on Feldman VSS as it contains a Schnorr proof of knowledge of the secret key.
- gennaro_
dkg - Based on the paper Secure Distributed Key Generation for Discrete-Log Based Cryptosystems
Scheme is defined in Fig 2. The protocol is run in 2 phases: Phase1 where all participants generate a
secret and share it using Pedersen VSS and in Phase 2 participants distribute commitments as per
Feldman VSS and generate the public key at the end. The public key is assumed to be of the form
G*xwherexis the secret key andGis the group generator. - pedersen_
dvss - Pedersen Distributed Verifiable secret sharing. Based on the paper “Non-interactive and information-theoretic secure verifiable secret sharing”, section 5. https://www.cs.cornell.edu/courses/cs754/2001fa/129.PDF Does not involve a trusted third party but assumes that all participants (and not just threshold) participate till the end. Even if one participant aborts, the protocol needs to be restarted. A workaround is for each participant to ignore the faulty participant’s share essentially making it such that the faulty participant was never there.
- pedersen_
vss - Pedersen Verifiable secret sharing. Based on the paper “Non-interactive and information-theoretic secure verifiable secret sharing”, section 4. https://www.cs.cornell.edu/courses/cs754/2001fa/129.PDF. The basic idea is the following
- shamir_
ss - Shamir secret sharing