Skip to content

Latest commit

 

History

History
48 lines (33 loc) · 3.37 KB

DESIGN.md

File metadata and controls

48 lines (33 loc) · 3.37 KB

The given code implements the Chaum-Pedersen protocol in two different versions: one based on discrete logarithms and the other based on elliptic curves. The Chaum-Pedersen protocol is typically used for proving that the discrete logarithms of two known values are equal to a third, unknown value without revealing the value itself. This is commonly used in cryptographic protocols, particularly in zero-knowledge proofs.

Key Components

  1. Imports and Dependencies:

    • curve25519_dalek: A Rust library that provides implementations for the Ristretto group, a prime order group using elliptic curves.
    • num_bigint, num_traits: Libraries for big integer arithmetic.
    • rand: A library for generating random numbers.
  2. Params Structure:

    • Params is a generic struct that holds the base parameters for the protocol: g, h, p, and q. These parameters have type T, which allows the struct to be used for both discrete logarithm and elliptic curve versions.
  3. ChaumPedersen Trait:

    • A trait defining the common interface for the Chaum-Pedersen protocol, including methods for creating new instances, calculating commitments, committing, generating challenges, calculating responses, and verification.
  4. DiscreteLogChaumPedersen Struct:

    • An implementation of the ChaumPedersen trait for the discrete logarithm version. It uses BigUint for its computations.
  5. EllipticCurveChaumPedersen Struct:

    • An implementation of the ChaumPedersen trait for the elliptic curve version. It uses RistrettoPoint and Scalar from the curve25519_dalek library.
  6. execute_protocol Function:

    • A generic function to execute the protocol. It takes a mutable reference to a protocol instance, the parameters, and the secret x. It goes through the steps of the protocol: calculate commitment, commit, challenge, calculate response, and verify.

Chaum-Pedersen Protocol Steps (Discrete Log Version)

  1. calculate_commitment: Calculates the commitments y1, y2, r1, r2, and a random value k.
  2. commit: Stores the commitment values in the protocol instance.
  3. challenge: Generates and returns a random challenge c.
  4. calculate_response: Calculates the response s based on k, c, and the secret x.
  5. verify: Verifies if the calculated response s is valid.

Chaum-Pedersen Protocol Steps (Elliptic Curve Version)

  1. calculate_commitment: Similar to the discrete log version, but uses elliptic curve operations.
  2. commit: Stores the commitment values in the protocol instance.
  3. challenge: Generates and returns a random challenge c.
  4. calculate_response: Calculates the response s using elliptic curve arithmetic.
  5. verify: Verifies if the calculated response s is valid using elliptic curve operations.

main Function

  1. Demonstrates the usage of the discrete logarithm version of the protocol with randomly generated secret x and fixed parameters g, h, p, and q.
  2. Demonstrates the usage of the elliptic curve version with a secret x, basepoint g, and randomly generated h.

Summary

The code provides a flexible implementation of the Chaum-Pedersen protocol for both discrete logarithm and elliptic curve settings. It demonstrates the essential steps of the protocol: commitment, challenge, response, and verification, allowing users to execute zero-knowledge proofs securely.