Struct SecretKey 

pub struct SecretKey(/* private fields */);

A secret key; wraps a single prime field element.

Example

use threshold_pairing::SecretKey;

// Generate a new random secret key
let sk = SecretKey::random();

// Sign a message
let signature = sk.sign(b"Hello, world!");

// Get the corresponding public key
let pk = sk.public_key();
assert!(pk.verify(&signature, b"Hello, world!"));

Serde integration

SecretKey implements Deserialize but not Serialize to avoid accidental serialization in insecure contexts. To enable both use the serde_impl::SerdeSecret wrapper which implements both Deserialize and Serialize.

Security

• The secret key is zeroized on drop to prevent secret leakage.
• Equality comparison is performed in constant time to prevent timing attacks.

Implementations

impl SecretKey

pub fn from_mut(s: &mut Scalar) -> Self

Creates a new SecretKey from a mutable reference to a field element. This constructor takes a reference to avoid unnecessary stack copying/moving of secrets (i.e. the field element). The field element is copied into the SecretKey and the source is zeroized.

Security

The source scalar is zeroized after copying to prevent secret leakage.

pub fn random() -> Self

Creates a new random instance of SecretKey.

If you want to use/define your own random number generator, you should use rand::Rng::gen() instead. This method uses rand::thread_rng() internally as its RNG.

pub fn public_key(&self) -> PublicKey

Returns the matching public key.

pub fn sign_g2<H: Into<G2Affine>>(&self, hash: H) -> Signature

Signs the given element of G2.

pub fn sign<M: AsRef<[u8]>>(&self, msg: M) -> Signature

Signs the given message.

This is equivalent to sign_g2(hash_g2(msg)).

pub fn decrypt(&self, ct: &Ciphertext) -> Result<Vec<u8>>

Returns the decrypted plaintext, or an error if the ciphertext is invalid.

This method first verifies the ciphertext using Ciphertext::verify to prevent chosen-ciphertext attacks. If verification fails, Error::InvalidCiphertext is returned. The error gives no information about the decryption key, preventing oracle attacks.

Errors

Returns Error::InvalidCiphertext if the ciphertext fails the pairing-based integrity check. This may indicate tampering, corruption, or a chosen-ciphertext attack attempt.

Example

use threshold_pairing::SecretKey;

let sk = SecretKey::random();
let pk = sk.public_key();

let message = b"secret message";
let ciphertext = pk.encrypt(message);

let decrypted = sk.decrypt(&ciphertext).expect("valid ciphertext");
assert_eq!(message.to_vec(), decrypted);

Trait Implementations

impl Clone for SecretKey

fn clone(&self) -> SecretKey

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SecretKey

A debug statement where the secret prime field element is redacted.

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'de> Deserialize<'de> for SecretKey

fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>

where D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Distribution<SecretKey> for Standard

fn sample<R: Rng + ?Sized>(&self, rng: &mut R) -> SecretKey

Creates a new random instance of SecretKey. If you do not need to specify your own RNG, you should use the SecretKey::random() constructor, which uses rand::thread_rng() internally as its RNG.

fn sample_iter<R>(self, rng: R) -> DistIter<Self, R, T>

where R: Rng, Self: Sized,

Create an iterator that generates random values of T, using rng as the source of randomness.

fn map<F, S>(self, func: F) -> DistMap<Self, F, T, S>

where F: Fn(T) -> S, Self: Sized,

Create a distribution of values of ‘S’ by mapping the output of Self through the closure F

impl Drop for SecretKey

fn drop(&mut self)

Executes the destructor for this type.

impl PartialEq for SecretKey

fn eq(&self, other: &Self) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Zeroize for SecretKey

fn zeroize(&mut self)

Zero out this object from memory using Rust intrinsics which ensure the zeroization operation is not “optimized away” by the compiler.

impl Eq for SecretKey