mattrglobal / bbs-signatures-spec
Definition of the BBS Digital Signature Scheme
Home Page: https://mattrglobal.github.io/bbs-signatures-spec/
Rather than adding required-reveal statements at a higher level (like linked data proofs) where they are difficult or impossible to enforce, for the next draft I think it would be beneficial to tie signature generation and verification to this information.
There are a few ways that this could be done, but I think that adding a required-reveal flag to the message generators is a good approach. For example, at the moment h[i] is defined as hash_to_curve_g1( w || I2OSP(0, 1) || I2OSP(i + 1, 4) || I2OSP(0, 1) || I2OSP(count, 4) ). The input to the hash could be extended with the required-reveal state of that message index, I2OSP(ri, 1) where ri is 0 or 1. For use cases where required-reveal statements are not important, the set of indices would be omitted and default to 0 for each index.
SpkVerify would be updated to take the required-reveal indices into account and reject verification when the message input is not provided.
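A sketch of the proposal above, as an added example that is not part of the original issue or of the spec: it builds the extended generator input and shows that a party assuming a different required-reveal set derives different generators at exactly those indices. Assumptions: the flag is appended last (the post does not fix its position), SHA-256 stands in for hash_to_curve_g1, and the helper names and the sample value of w are constructed for illustration.

```python
import hashlib

def i2osp(x: int, length: int) -> bytes:
    """I2OSP: fixed-length big-endian encoding of a non-negative integer."""
    return x.to_bytes(length, "big")  # raises OverflowError if x does not fit

def generator_input(w: bytes, i: int, count: int, ri: int = 0) -> bytes:
    """Octet string hashed to obtain h[i], extended with the required-reveal flag.
    Assumption: the flag is appended last; the proposal does not fix its position."""
    if ri not in (0, 1):
        raise ValueError("ri must be 0 or 1")
    return (w + i2osp(0, 1) + i2osp(i + 1, 4) + i2osp(0, 1)
            + i2osp(count, 4) + i2osp(ri, 1))

def derive_generators(w: bytes, count: int, required=frozenset()) -> list:
    """Stand-in derivation: SHA-256 replaces hash_to_curve_g1, so each
    'generator' is a digest, not a G1 point. Omitted indices default to ri = 0."""
    bad = sorted(i for i in required if not 0 <= i < count)
    if bad:
        raise ValueError(f"required-reveal index out of range: {bad}")
    return [hashlib.sha256(generator_input(w, i, count, int(i in required))).digest()
            for i in range(count)]

def missing_required(required, revealed) -> list:
    """Required-reveal indices that were not disclosed; non-empty means reject."""
    return sorted(set(required) - set(revealed))

def changed_indices(a: list, b: list) -> list:
    """Indices at which two generator lists disagree."""
    return [i for i, (x, y) in enumerate(zip(a, b)) if x != y]

if __name__ == "__main__":
    W = b"constructed-sample-w"  # constructed sample value, not a real key
    signer = derive_generators(W, 4, required={1, 3})
    default = derive_generators(W, 4)  # no required-reveal set supplied
    print("generators that differ:", changed_indices(signer, default))
    print("must reject, missing:", missing_required({1, 3}, revealed={0, 1}))
```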
If possible, it would be awesome to have deterministic signatures, so that test vectors / higher order data structures can be made stable.
The bbs crate currently follows draft 5, which is incompatible with later drafts. This needs to be added to the current spec as the values of the message generators will change depending on the draft version.
The spec currently says that this function returns a point in G1. I believe this is intended to be G2?
hash_to_curve_g2(ostr) -> P
The cryptographic hash function that takes as an arbitrary octet string input and returns a point in **G1** as defined in [I-D.irtf-cfrg-hash-to-curve]. The algorithm is BLS12381G2_XMD:BLAKE2B_SSWU_RO, i.e use Blake2b-512 as part of expand message digest, apply the isogeny simplified SWU map to compute a point in G2 using the random oracle method. The domain separation tag value is dst.