bls12-381
High-speed BLS12-381 implementation in Go
Currently, the `Affine` function is calling `g.affine(p, p)`: https://github.com/kilic/bls12-381/blob/3a0f2553a3b9888a7201144592780f2300ad9ffb/g1.go#L336-L338 But then it changes the underlying point `p`, because of this `Set`: https://github.com/kilic/bls12-381/blob/3a0f2553a3b9888a7201144592780f2300ad9ffb/g1.go#L352-L355 This is unexpected from a function that's supposed...
This is merely a port of the existing batch inverse routine in [fp](https://github.com/kilic/bls12-381/blob/master/fp.go#L193). It has the same performance characteristics as fp's.
The HashToCurve functions are currently hard-coded to use the little-endian variant (https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-06#section-4.1.2) of sgn0. It would be helpful if there was an additional option to use the big-endian variant (https://tools.ietf.org/html/draft-irtf-cfrg-hash-to-curve-06#section-4.1.1).
Changed InCorrectSubgroup to M. Scott's method in https://eprint.iacr.org/2021/1130

On i7-3770 CPU @ 3.40GHz:

```
BenchmarkG2SubgroupCheck-8      153520 ns/op
BenchmarkG2SubgroupCheckOld-8   167288 ns/op
```
This is **experimental**, just for illustration; it needs review, and maybe some of the changes are worthwhile. The wnaf type:
- Didn't allocate enough when creating it, and keeps appending...
While investigating [this issue](https://github.com/gballet/go-verkle/issues/50) in our verkle tree library, we figured out that there is a re-entrancy issue in EC point multiplication. A description and a test to reproduce the...
Used kilic#15 as a reference. We need this hash function configurability because the BBS+ signature schema (reference implementation is https://github.com/hyperledger/ursa/tree/master/libzmix/bbs) uses the blake2b hash.
We would like to use the g1 package with the blake2b hash function. It would be helpful if you could expose a function that permits any hash function to be...
This library takes place in the security audit of the [drand project](https://drand.love/blog/2020/08/10/drand-launches-v1-0/) carried out by [SigmaPrime](https://sigmaprime.io). The report can be found [here](https://drive.google.com/file/d/1fCy1ynO78gJLCNbqBruzHx7bh72Tu-q2/view). All issues related to this library in the report are resolved...
Signed-off-by: Michael Lodder