Module proj_crypto::asymmetric::commitments
Implementation of Pedersen's Commitment scheme http://download.springer.com/static/pdf/357/chp%253A10.1007%252F3-540-46766-1_9.pdf
The implementation here is likely to be particularly sketchy as I really do not understand the maths behind the discrete logarithm problem. The advice not to use this for anything important holds particularly strongly here.
Example - Homomorphic Commitments
This example demonstrates the homomorphic properties of Pedersen Commitments.

```rust
use proj_crypto::asymmetric::commitments::*;
use gmp::mpz::Mpz;

sodiumoxide::init();

let co_eff1 = Mpz::from(rand_u64());
let co_eff2 = Mpz::from(rand_u64());
let data1 = Mpz::from(rand_u64());
let data2 = Mpz::from(rand_u64());

let result = data1.clone()*co_eff1.clone() + data2.clone()*co_eff2.clone(); // assume this does not become greater than p

let params = gen_dh_params().unwrap(); // this step can take a long time

let a = random_a(&params.1);
let a_result = (a.clone()*co_eff1.clone() + a.clone()*co_eff2.clone()).modulus(&params.0);

let context1 = CommitmentContext::from_opening((data1, a.clone()), params.clone()).unwrap();
let context2 = CommitmentContext::from_opening((data2, a.clone()), params.clone()).unwrap();
let context_result = CommitmentContext::from_opening((result, a_result), params.clone()).unwrap();

let commit1 = context1.to_commitment();
let commit2 = context2.to_commitment();
let commit_result = context_result.to_commitment();

// Combine the two commitments without using their openings
let commit_blind_result = (commit1 * co_eff1) + (commit2 * co_eff2);

// The result matches the commitment made from the combined opening
assert!(commit_result == commit_blind_result);
```
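The same homomorphic property on toy numbers, as an added example that is not part of proj_crypto: it uses plain u64 arithmetic, where scaling a commitment is exponentiation and combining two commitments is multiplication modulo p. The parameters (p = 2039, q = 1019, g = 4, h = 9), the sample openings and the helpers `pow_mod`, `in_subgroup`, `commit`, `verify` and `combine` are all assumptions constructed for illustration.

```rust
// Toy parameters constructed for this example: p = 2q + 1 with p, q prime;
// g and h are squares mod p, so each has order q. Far too small to be secure.
const P: u64 = 2039;
const Q: u64 = 1019;
const G: u64 = 4;
const H: u64 = 9;

/// Square-and-multiply modular exponentiation.
fn pow_mod(mut base: u64, mut exp: u64, m: u64) -> u64 {
    let mut acc = 1;
    base %= m;
    while exp > 0 {
        if exp & 1 == 1 { acc = acc * base % m; }
        base = base * base % m;
        exp >>= 1;
    }
    acc
}

/// True if v is a non-identity element of the order-q subgroup.
fn in_subgroup(v: u64) -> bool {
    v % P > 1 && pow_mod(v, Q, P) == 1
}

/// Pedersen commitment to x with blinding value a: g^x * h^a mod p.
fn commit(x: u64, a: u64) -> u64 {
    pow_mod(G, x, P) * pow_mod(H, a, P) % P
}

/// Opening check: recompute the commitment from the opening (x, a).
fn verify(c: u64, x: u64, a: u64) -> bool {
    c == commit(x, a)
}

/// c1^k1 * c2^k2 mod p, computed from the commitments alone.
fn combine(c1: u64, k1: u64, c2: u64, k2: u64) -> u64 {
    pow_mod(c1, k1, P) * pow_mod(c2, k2, P) % P
}

fn main() {
    assert!(in_subgroup(G) && in_subgroup(H));
    let (x1, a1, x2, a2) = (123, 456, 789, 321); // constructed openings
    let (k1, k2) = (5, 7);
    let blind = combine(commit(x1, a1), k1, commit(x2, a2), k2);
    // Exponents live in Z_q, so the combined opening is reduced modulo q.
    let (x, a) = ((k1 * x1 + k2 * x2) % Q, (k1 * a1 + k2 * a2) % Q);
    assert!(verify(blind, x, a));
    println!("commitment {} opens to ({}, {})", blind, x, a);
}
```

The binding property depends on nobody knowing the discrete logarithm of h to the base g, which these toy values do not provide.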
Structs
Commitment | The commitment itself, as one would share it along a wire
CommitmentContext | A structure containing all the data relating to a commitment. This contains secrets. Drop has been implemented for Mpz to clear the memory when it goes out of scope.
Functions
gen_dh_params | Generates Diffie-Hellman parameters appropriate for use with the commitments.
random_a | Returns a suitable value for a to use in an opening
read_dhparams | Reads and validates DHParams from a file
verify_dh_params | Verifies a DHParameters instance
write_dhparams | Writes DHParams to a file
Type Definitions
DHParams | (p, q, g, h), where g and h are the bases to be raised to a power, forming the discrete logarithm problem; q is the order of the subgroup of Z_p in which we perform computations; and p is the large prime that defines the large group. Calculations are done modulo p.
Opening | The data required to open a commitment: the data committed to and the random integer a