drand / kyber
This project forked from dedis/kyber
Advanced crypto library for the Go language
License: Other
Currently we prepend a fixed tag to our messages when we are hashing data:
Lines 132 to 138 in a780ab2
I think we should consider using keyed Blake instead of prepending the tag. It would be as simple as replacing the nil in the Blake2s instantiation with the H3Tag.
@nikkolasg It would simplify the code a bit and also, keyed hash functions are there exactly for this use case, no?
See this PR comment: #28 (comment)
Presently blake2s is hardcoded into the IBE module.
We should extract the hashing logic to an interface to enable the caller to provide their own hashing function.
Blake2s should still be the default implementation for callers who don't wish to provide an alternative.
In https://github.com/drand/kyber/blob/master/share/dkg/dkg.go#L1095, the threshold should be n/2 + 1 instead of (n+1)/2. This bug likely comes from the DEDIS original VSS implementation (see dedis#374). If the bug is confirmed, I'm happy to submit a PR.
There have been quite a few changes since the last release, can we get a new one?
While replacing circle CI with github actions, @AnomalRoil suggested running the go test runner with the race flag to check for race conditions. This identified some race conditions in DKG code that require investigation and remediating.
During prior investigation, data access races were identified in the StatusMatrix struct implementation. Adding some generic RW locking worked fine on my local machine and the tests (including race condition testing) passed successfully.
On the github actions runner however the TestProtoFull test in proto_test.go appeared to suffer deadlock (albeit the go runtime did not detect this). Note: this deadlock does not happen without the -lock flag.
Some attempts I tried to remedy this:
- resCh in TestProtoFull buffer size to 0 and 2 (see golang/go#48402)
- StatusMatrix with RWLock and vanilla Lock
The current interface for hashing to group elements must consider the use of domain separation strings.
This is aligned with the hash to curve IETF specification. All hashes must be domain-separated, so a protocol can specify the separation when the hash is invoked as different random oracles. See more: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-hash-to-curve-16#name-domain-separation-requireme
Current:
Lines 13 to 15 in 5706fa5
Proposed:
type HashablePoint interface {
Hash(msg, dst []byte) Point
}
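The domain-separation requirement referenced in the proposal above is what the `dst` argument of `Hash(msg, dst)` is meant to carry. As an added example (not code from drand/kyber or the dedis original), the following Go program implements `expand_message_xmd` from the cited hash-to-curve draft with SHA-256, which is the standard way of turning a message plus DST into uniform bytes before mapping to a group element; the DST is bound into every hash invocation, so the same message hashed under two DSTs yields unrelated outputs. The DST strings and the sample message are constructed for illustration and are not names used by the library.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// expandMessageXMD is expand_message_xmd (hash-to-curve draft, section 5.3.1)
// with SHA-256: DST is appended to every hash input, separating the oracles.
func expandMessageXMD(msg, dst []byte, lenInBytes int) ([]byte, error) {
	const bInBytes = sha256.Size      // output length of H (32)
	const sInBytes = sha256.BlockSize // input block length of H (64)
	ell := (lenInBytes + bInBytes - 1) / bInBytes
	if ell > 255 || lenInBytes > 65535 || len(dst) > 255 {
		return nil, errors.New("expand_message_xmd: length or DST out of range")
	}
	dstPrime := append(append([]byte{}, dst...), byte(len(dst))) // DST || I2OSP(len(DST), 1)
	// msg_prime = Z_pad || msg || I2OSP(len_in_bytes, 2) || I2OSP(0, 1) || DST_prime
	msgPrime := make([]byte, sInBytes) // Z_pad: one all-zero input block
	msgPrime = append(msgPrime, msg...)
	msgPrime = append(msgPrime, byte(lenInBytes>>8), byte(lenInBytes), 0)
	msgPrime = append(msgPrime, dstPrime...)
	b0 := sha256.Sum256(msgPrime)
	block := func(x [sha256.Size]byte, i int) [sha256.Size]byte { // H(x || I2OSP(i, 1) || DST_prime)
		in := append(append(append([]byte{}, x[:]...), byte(i)), dstPrime...)
		return sha256.Sum256(in)
	}
	out := make([]byte, 0, ell*bInBytes)
	prev := block(b0, 1) // b_1 = H(b_0 || 1 || DST_prime)
	out = append(out, prev[:]...)
	for i := 2; i <= ell; i++ { // b_i = H(strxor(b_0, b_(i-1)) || i || DST_prime)
		var x [sha256.Size]byte
		for j := range x {
			x[j] = b0[j] ^ prev[j]
		}
		prev = block(x, i)
		out = append(out, prev[:]...)
	}
	return out[:lenInBytes], nil
}

func main() {
	msg := []byte("constructed sample message") // constructed input, not from the page
	for _, dst := range []string{"EXAMPLE-IBE-H3", "EXAMPLE-IBE-H4"} { // hypothetical DSTs
		u, _ := expandMessageXMD(msg, []byte(dst), 48)
		fmt.Printf("%-14s %s\n", dst, hex.EncodeToString(u))
	}
}
```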
Currently the eviction rules only look generally, but don't check whether the node being evicted is itself. If it is, it should already return an error and quit the DKG. Right now, an evicted node would finish the DKG normally if being evicted and return group and share, but its share would be invalid.