Unverified Commit f6b6cf58 authored by lunfardo314's avatar lunfardo314 Committed by GitHub

BLS signatures: fixes and improvements (#315)

* minor bug fix

* BLS signatures: bug fix in test, removed unnecessary function, added new test

* BLS signatures: bug fix in test, removed unnecessary function, added new test

* BLS signatures: bug fix in test, removed unnecessary function, added new test

* BLS signatures: bug fix in test, removed unnecessary function, added new test

* BLS signatures: bug fix in test, removed unnecessary function, added new test
parent aae4b1ec
......@@ -27,5 +27,6 @@ require (
go.uber.org/zap v1.14.0
golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073
golang.org/x/net v0.0.0-20200301022130-244492dfa37a
golang.org/x/tools v0.0.0-20200330040139-fa3cc9eebcfe // indirect
gopkg.in/src-d/go-git.v4 v4.13.1
)
......@@ -314,6 +314,7 @@ github.com/xdg/scram v0.0.0-20180814205039-7eeb5667e42c/go.mod h1:lB8K/P019DLNhe
github.com/xdg/stringprep v1.0.0/go.mod h1:Jhud4/sHMO4oL310DaZAKk9ZaJ08SJfe+sJh0HrGL1Y=
github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
go.dedis.ch/fixbuf v1.0.3 h1:hGcV9Cd/znUxlusJ64eAlExS+5cJDIyTyEG+otu5wQs=
go.dedis.ch/fixbuf v1.0.3/go.mod h1:yzJMt34Wa5xD37V5RTdmp38cz3QhMagdGoem9anUalw=
go.dedis.ch/kyber/v3 v3.0.4/go.mod h1:OzvaEnPvKlyrWyp3kGXlFdp7ap1VC6RkZDTaPikqhsQ=
......@@ -368,6 +369,8 @@ golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f h1:J5lckAjkw6qYlOZNj90mLYNT
golang.org/x/lint v0.0.0-20191125180803-fdd1cda4f05f/go.mod h1:5qLYkcX4OjUUV8bRuDixDT3tpyyb+LUpUlRWLxfhWrs=
golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
golang.org/x/mod v0.2.0 h1:KU7oHjnv3XNWfa5COkzUifxZmxp1TyI7ImMXqFxLwvQ=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
......@@ -381,6 +384,7 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn
golang.org/x/net v0.0.0-20190522155817-f3200d17e092/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20190724013045-ca1201d0de80/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200301022130-244492dfa37a h1:GuSPYbZzB5/dcLNCwLQLsg3obCJtX9IJhpXkvY7kzk0=
golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
......@@ -433,11 +437,16 @@ golang.org/x/tools v0.0.0-20190729092621-ff9f1409240a/go.mod h1:jcCCGcm9btYwXyDq
golang.org/x/tools v0.0.0-20191004055002-72853e10c5a3/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20191125144606-a911d9008d1f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
golang.org/x/tools v0.0.0-20200103221440-774c71fcf114 h1:DnSr2mCsxyCE6ZgIkmcWUQY2R5cH/6wL7eIxEmQOMSE=
golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
golang.org/x/tools v0.0.0-20200330040139-fa3cc9eebcfe h1:sOd+hT8wBUrIFR5Q6uQb/rg50z8NjHk96kC4adwvxjw=
golang.org/x/tools v0.0.0-20200330040139-fa3cc9eebcfe/go.mod h1:Sl4aGygMT6LrqrWclx+PTx3U+LnKx/seiNR+3G19Ar8=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
google.golang.org/api v0.0.0-20180910000450-7ca32eb868bf/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
google.golang.org/api v0.0.0-20181030000543-1d582fd0359e/go.mod h1:4mhQ8q/RsB7i+udVvVy5NUi08OU8ZlA0gRVgrF7VFY0=
google.golang.org/api v0.1.0/go.mod h1:UGEZY7KEX120AnNLIHFMKIo4obdJhkp2tPbaPlQx13Y=
......
......@@ -14,13 +14,13 @@ import (
"github.com/iotaledger/goshimmer/packages/binary/valuetransfer/address"
)
// BLS implements BLS signature scheme which is robust against rogue public key attacks, or BDN
// it uses go.dedis/kyber library
// more info https://github.com/dedis/kyber/blob/master/sign/bdn/bdn.go
// usually BLS signatures are used as threshold signatures.
// bls.go implements BLS signature scheme which is robust against rogue public key attacks,
// called "Boneh-Drijvers-Neven" or BDN
// It uses go.dedis/kyber library. More info https://github.com/dedis/kyber/blob/master/sign/bdn/bdn.go
// Often BLS signatures are used as threshold signatures.
// This package doesn't implement any threshold signature related primitives.
// it only contains what is needed for the node to check validity of the BLS signatures against addresses
// and also minimum signing required for testing
// it only contains what is needed for the node to check validity of the BLS signatures against addresses,
// signature aggregation function and minimum signing required for testing
var suite = bn256.NewSuite()
const (
......@@ -41,7 +41,6 @@ type blsSignatureScheme struct {
var rnd = random.New(rand.New(rand.NewSource(42)))
// RandBLS creates a RANDOM instance of a signature scheme, that is used to sign the corresponding address.
// mostly intended for testing.
// only for testing: each time same sequence!
func RandBLS() SignatureScheme {
ret := &blsSignatureScheme{}
......@@ -49,7 +48,7 @@ func RandBLS() SignatureScheme {
return ret
}
// BLS creates an instance of BLS signature scheme
// BLS(,) creates an instance of BLS signature scheme
// from given private and public keys in marshaled binary form
func BLS(priKey, pubKey []byte) (SignatureScheme, error) {
if len(priKey) != BLS_PRIVATE_KEY_SIZE || len(pubKey) != BLS_PUBLIC_KEY_SIZE {
......@@ -168,36 +167,6 @@ func (sig *blsSignature) String() string {
return base58.Encode(sig[:])
}
func AggregateBLSSignatureSchemes(sigSchemes ...SignatureScheme) (SignatureScheme, error) {
priKeys := make([]kyber.Scalar, len(sigSchemes))
pubKeys := make([]kyber.Point, len(sigSchemes))
for i, s := range sigSchemes {
ss, ok := s.(*blsSignatureScheme)
if !ok {
return nil, fmt.Errorf("not a BLS signature scheme")
}
priKeys[i] = ss.priKey
pubKeys[i] = ss.pubKey
}
aggregatedPriKey := suite.G2().Scalar().Zero()
// sum up all private keys
for i := range priKeys {
aggregatedPriKey = aggregatedPriKey.Add(aggregatedPriKey, priKeys[i])
}
mask, _ := sign.NewMask(suite, pubKeys, nil)
for i := range pubKeys {
_ = mask.SetBit(i, true)
}
aggregatedPubKey, err := bdn.AggregatePublicKeys(suite, mask)
if err != nil {
return nil, err
}
return &blsSignatureScheme{
priKey: aggregatedPriKey,
pubKey: aggregatedPubKey,
}, nil
}
func AggregateBLSSignatures(sigs ...Signature) (Signature, error) {
if len(sigs) == 0 {
return nil, fmt.Errorf("must be at least one signature to aggregate")
......
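Review bot: RandBLS remains exported from the non-test file while its keys come from the package-level `rnd`, which is built from `rand.NewSource(42)` (presumably math/rand; the import block is outside the hunk), so every process derives the same private-key sequence. The short remark "only for testing: each time same sequence!" understates that; the doc comment should spell out the consequence, for example `// RandBLS returns a scheme whose keys are PREDICTABLE (PRNG seeded with a constant); it must never be used outside tests.` If no other package calls it, which cannot be seen from this page, moving `rnd` and RandBLS into a `_test.go` file would keep them out of production builds entirely. The body of RandBLS is only partly visible in the hunk.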
......@@ -4,20 +4,41 @@ import (
"testing"
"github.com/magiconair/properties/assert"
"github.com/mr-tron/base58"
)
var dataToSign = []byte("Hello Boneh-Lynn-Shacham (BLS) --> Boneh-Drijvers-Neven (BDN)")
func TestBLS_base(t *testing.T) {
blsSigScheme := RandBLS()
t.Logf("generating random BLS signature scheme: %s\n", blsSigScheme.(*blsSignatureScheme).String())
signature := blsSigScheme.Sign(dataToSign)
func TestBLS_rndSigScheme(t *testing.T) {
sigScheme := RandBLS()
t.Logf("generating random BLS signature scheme: %s\n", sigScheme.(*blsSignatureScheme).String())
signature := sigScheme.Sign(dataToSign)
assert.Equal(t, blsSigScheme.Address(), signature.Address())
assert.Equal(t, sigScheme.Address(), signature.Address())
res := signature.IsValid(dataToSign)
assert.Equal(t, res, true)
}
const (
priKeyTest = "Cjsu52qf28G4oLiUDcimEY7SPbWJQA9zoKCNi4ywMxg"
pubKeyTest = "28LgNCDp52gTotmd21hcEXKar5tTyxuJKqQdGHCJnZ5Z1M7Rdh4Qo2BYC3s3NicLD99tZ3yX9mZvRmsnQLMRcHnzqgq2CQp7CYWCKfTUT9yzJKUTQ4JmN2DhSkSNc5kau4KE8PRGByQxpiYQq4DRF4Qb3Dn4cHmhTrDi9xQiYTxoAYW"
)
func TestBLS_sigScheme(t *testing.T) {
priKeyBin, err := base58.Decode(priKeyTest)
assert.Equal(t, err, nil)
pubKeyBin, err := base58.Decode(pubKeyTest)
assert.Equal(t, err, nil)
sigScheme, err := BLS(priKeyBin, pubKeyBin)
assert.Equal(t, err, nil)
signature := sigScheme.Sign(dataToSign)
assert.Equal(t, sigScheme.Address(), signature.Address())
assert.Equal(t, signature.IsValid(dataToSign), true)
}
// number of signatures to aggregate
const numSigs = 100
......@@ -29,16 +50,13 @@ func TestBLS_aggregation(t *testing.T) {
sigSchemes[i] = RandBLS()
sigs[i] = sigSchemes[i].Sign(dataToSign)
}
aggregatedSig1, err := AggregateBLSSignatures(sigs...)
// aggregate 2 signatures
a01, err := AggregateBLSSignatures(sigs[0], sigs[1])
assert.Equal(t, err, nil)
assert.Equal(t, a01.IsValid(dataToSign), true)
assert.Equal(t, aggregatedSig1.IsValid(dataToSign), true)
aggregatedScheme, err := AggregateBLSSignatureSchemes(sigSchemes...)
// aggregate N signatures
aN, err := AggregateBLSSignatures(sigs...)
assert.Equal(t, err, nil)
if err == nil {
aggregatedSig2 := aggregatedScheme.Sign(dataToSign)
assert.Equal(t, aggregatedSig2, aggregatedSig2)
}
assert.Equal(t, aN.IsValid(dataToSign), true)
}
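Review bot: The tests in this section assert only the accepting path: neither TestBLS_sigScheme nor TestBLS_aggregation checks that verification fails for data that was not signed, so an IsValid that always returned true would still pass. A negative assertion next to each positive one would close that gap, e.g. `assert.Equal(t, signature.IsValid([]byte("some other data")), false)` and the same for `aN`. The length check visible in BLS() also has no test; `_, err = BLS(priKeyBin[:len(priKeyBin)-1], pubKeyBin)` followed by `assert.Equal(t, err != nil, true)` would cover it, assuming that branch returns an error. TestBLS_aggregation starts above the hunk, so its setup is not visible here.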