4 versions

| Version | Date |
|---|---|
| 0.1.3 | 7 April 2020 |
| 0.1.2 | 7 April 2020 |
| 0.1.1 | 7 April 2020 |
| 0.1.0 | 6 April 2020 |
bls12_381_ietf
is a crate that implements the IETF BLS signature draft standard v0 with hash-to-curve v5, as agreed in the cross-chain standardization effort. The BLS standard specifies several ciphersuites, each with different properties to suit different use cases. The ciphersuites available from this library are:
- G2Basic, also known as BLS_SIG_BLS12381G2-SHA256-SSWU-RO-_NUL_
- G2MessageAugmentation, also known as BLS_SIG_BLS12381G2-SHA256-SSWU-RO-_AUG_
- (TBD) G2ProofOfPossession, also known as BLS_SIG_BLS12381G2-SHA256-SSWU-RO-_POP_
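The ciphersuite IDs above follow the IETF draft's layout: a `BLS_SIG_` prefix, the hash-to-curve suite ID (curve, hash, map-to-curve method, encoding, each followed by a dash) and a scheme tag (`_NUL_`, `_AUG_` or `_POP_`) that decides how a message is prepared before signing. The following is an added example, not code from the bls12_381_ietf crate, that decomposes such an ID and applies the scheme's preprocessing rule; the `Suite` and `Scheme` types are assumptions of this example.

```rust
use std::collections::HashSet;

// Scheme tag at the end of a BLS ciphersuite ID (IETF BLS signature draft).
#[derive(Debug, PartialEq, Clone, Copy)]
pub enum Scheme {
    Basic,               // _NUL_: aggregate verification needs pairwise-distinct messages
    MessageAugmentation, // _AUG_: every signer signs PK || message
    ProofOfPossession,   // _POP_: signer must publish a proof of possession of its key
}

// Hypothetical container for the parsed ID (not a type from the crate).
#[derive(Debug, PartialEq)]
pub struct Suite {
    pub curve: String,
    pub hash: String,
    pub map: String,
    pub encoding: String,
    pub scheme: Scheme,
}

/// Parse e.g. "BLS_SIG_BLS12381G2-SHA256-SSWU-RO-_NUL_" into its components.
pub fn parse_suite(id: &str) -> Result<Suite, String> {
    let body = id.strip_prefix("BLS_SIG_").ok_or("missing BLS_SIG_ prefix")?;
    if body.len() < 5 || !body.is_char_boundary(body.len() - 5) {
        return Err("ciphersuite ID too short".to_string());
    }
    // The last five bytes are the scheme tag; the rest is the hash-to-curve suite ID.
    let (h2c, tag) = body.split_at(body.len() - 5);
    let scheme = match tag {
        "_NUL_" => Scheme::Basic,
        "_AUG_" => Scheme::MessageAugmentation,
        "_POP_" => Scheme::ProofOfPossession,
        other => return Err(format!("unknown scheme tag {}", other)),
    };
    // A hash-to-curve suite ID is CURVE-HASH-MAP-ENC- (trailing dash included).
    let parts: Vec<&str> = h2c.split('-').collect();
    if parts.len() != 5 || !parts[4].is_empty() || parts[..4].iter().any(|p| p.is_empty()) {
        return Err(format!("malformed hash-to-curve suite ID {}", h2c));
    }
    Ok(Suite {
        curve: parts[0].to_string(),
        hash: parts[1].to_string(),
        map: parts[2].to_string(),
        encoding: parts[3].to_string(),
        scheme,
    })
}

/// Bytes actually handed to the core signing routine: AUG prepends the public key.
pub fn message_to_sign(scheme: Scheme, pk: &[u8], msg: &[u8]) -> Vec<u8> {
    match scheme {
        Scheme::MessageAugmentation => [pk, msg].concat(),
        Scheme::Basic | Scheme::ProofOfPossession => msg.to_vec(),
    }
}

/// Basic-scheme precondition for aggregate verification: all messages distinct.
pub fn basic_messages_ok(msgs: &[&[u8]]) -> bool {
    let mut seen = HashSet::new();
    msgs.iter().all(|m| seen.insert(*m))
}
```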
Warning: this is a proof-of-concept prototype and, in particular, it has not been reviewed or audited. Use at your own risk.

Security warning

This library makes no guarantees about constant-time operations, memory access patterns, or resistance to side-channel attacks.
TODO

- Implement the KeyGen standard
- Implement G2ProofOfPossession
- Implement signature verification
- Implement signature aggregation
- Add GitHub Actions to test PRs and commits
- Add test vectors from other implementations
- Update BLS from IETF v1 -> v2
- Switch hash-to-field to the new v06 hashing scheme
- Add EIP-2333 as a feature
Commands

Examples
$ cargo run --example g2basic
Compiling bls12_381_ietf v0.1.0 (/Users/edu/bls/bls12_381_ietf)
Finished dev [unoptimized + debuginfo] target(s) in 1.46s
Running `target/debug/examples/g2basic`
Public Key: 81d84ab98c774e9f4f18f17d968dbb0ada8fbb6210ac48e372813ac5f7b67f188ddf11dcd71644c7226cab56869ba6a4
Message: [email protected]
Signature: b3731f23c92afafc4d511
$ cargo run --example g2messageaugmentation
Compiling bls12_381_ietf v0.1.0 (/Users/edu/bls/bls12_381_ietf)
Finished dev [unoptimized + debuginfo] target(s) in 0.62s
Running `target/debug/examples/g2messageaugmentation`
Public Key: 8bb1ad17ca77078a500ef0780c3c3a5f0dc26290b0bfb21d2c76f1a827bed8764d7f32332dc2db3084b1faea29134ea7
Message: [email protected]!!!
Signature: b4352d55bf8e40afb0dbad2bb904dd080b74e3840850bb799a77d8c54100b652105d66a0756cb56fd4ceadc4f84863d00a6b5a839f6a275d45f569f5bc7a796089daf565229359cd676381a0926a6369ed19ce3887191c0809c1368abd68162d
Signature verified correctly!
Tests
$ cargo test
Compiling bls12_381_ietf v0.1.0 (/Users/edu/bls/bls12_381_ietf)
Finished test [unoptimized + debuginfo] target(s) in 1.63s
Running target/debug/deps/bls12_381_ietf-92da16f66df5b352
running 23 tests
test optimized_swu::tests::test_sgn0_be ... ok
test optimized_swu::tests::bench_iso_map_g2 ... ok
test optimized_swu::tests::test_iso_map_g2 ... ok
test optimized_swu::tests::bench_sqrt_division_fq2 ... ok
test optimized_swu::tests::test_sqrt_division_fq2 ... ok
test tests::bench_test_priv_to_pub ... ok
test optimized_swu::tests::bench_optimized_swu_g2 ... ok
test optimized_swu::tests::test_optimized_swu_g2 ... ok
test tests::bench_keygen ... ok
test tests::test_priv_to_pub ... ok
test tests::test_keygen ... ok
test tests::bench_hash_to_g2 ... ok
test tests::test_sign_g2basic ... ok
test tests::test_verify_g2_message_augmentation_panic ... ok
test tests::bench_sign_g2basic ... ok
test tests::test_verify_g2basic_panic ... ok
test tests::bench_sign_g2_message_augmentation ... ok
test tests::test_sign_g2_message_augmentation ... ok
test tests::test_hash_to_g2 ... ok
test tests::bench_verify_g2basic ... ok
test tests::bench_verify_g2_message_augmentation ... ok
test tests::test_verify_g2_message_augmentation ... ok
test tests::test_verify_g2basic ... ok
test result: ok. 23 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out
Doc-tests bls12_381_ietf
running 0 tests
test result: ok. 0 passed; 0 failed; 0 ignored; 0 measured; 0 filtered out
Benchmarks
$ cargo bench
Compiling bls12_381_ietf v0.1.0 (/Users/edu/bls/bls12_381_ietf)
Finished bench [optimized] target(s) in 2.56s
Running target/release/deps/bls12_381_ietf-29a9ffc0e2b8dcd3
running 23 tests
test optimized_swu::tests::test_iso_map_g2 ... ignored
test optimized_swu::tests::test_optimized_swu_g2 ... ignored
test optimized_swu::tests::test_sgn0_be ... ignored
test optimized_swu::tests::test_sqrt_division_fq2 ... ignored
test tests::test_hash_to_g2 ... ignored
test tests::test_keygen ... ignored
test tests::test_priv_to_pub ... ignored
test tests::test_sign_g2_message_augmentation ... ignored
test tests::test_sign_g2basic ... ignored
test tests::test_verify_g2_message_augmentation ... ignored
test tests::test_verify_g2_message_augmentation_panic ... ignored
test tests::test_verify_g2basic ... ignored
test tests::test_verify_g2basic_panic ... ignored
test optimized_swu::tests::bench_iso_map_g2 ... bench: 7,789 ns/iter (+/- 1,293)
test optimized_swu::tests::bench_optimized_swu_g2 ... bench: 233,062 ns/iter (+/- 22,060)
test optimized_swu::tests::bench_sqrt_division_fq2 ... bench: 222,143 ns/iter (+/- 19,289)
test tests::bench_hash_to_g2 ... bench: 3,571,612 ns/iter (+/- 332,016)
test tests::bench_keygen ... bench: 258,906 ns/iter (+/- 18,152)
test tests::bench_sign_g2_message_augmentation ... bench: 3,637,884 ns/iter (+/- 393,305)
test tests::bench_sign_g2basic ... bench: 3,557,166 ns/iter (+/- 193,992)
test tests::bench_test_priv_to_pub ... bench: 17,496 ns/iter (+/- 1,461)
test tests::bench_verify_g2_message_augmentation ... bench: 9,779,860 ns/iter (+/- 2,000,297)
test tests::bench_verify_g2basic ... bench: 10,094,099 ns/iter (+/- 2,964,663)
test result: ok. 0 passed; 0 failed; 13 ignored; 10 measured; 0 filtered out
Reference implementations

References

- BCIMRT10: Brier, Coron, Icart, Madore, Randriam, Tibouchi. "Efficient Indifferentiable Hashing into Ordinary Elliptic Curves." Proc. CRYPTO, 2010.
- BLS01: Boneh, Lynn, and Shacham. "Short Signatures from the Weil Pairing." Proc. ASIACRYPT, 2001.
- FT12: Fouque and Tibouchi. "Indifferentiable Hashing to Barreto-Naehrig Curves." Proc. LATINCRYPT, 2012.
- SvdW06: Shallue and van de Woestijne. "Construction of Rational Points on Elliptic Curves over Finite Fields." Proc. ANTS, 2006.