Java BLS签名聚合

时间:2018-02-06 20:03:02

标签: java algorithm cryptography elliptic-curve

定义:BLS签名聚合正在对 n 不同的消息进行 n 签名,并将它们聚合成一个与其余签名具有相同长度范围的短签名。组合的短签名以及原始消息和公钥应该使验证者相信每条消息都是由公钥的所有者签名的。有关它的更多详细信息,请参阅this论文。

我已在implemented库顶部成功JPBC BLS签名聚合。但结果导致性能非常差,而且由于某种原因我无法用原生API包装它......

我希望切换到IAIK-JCE,它们提供256位的实现 3型BN(Barreto Naehrig)椭圆曲线。

但是他们的实施需要比我能提供的更多的数学知识。我被困在生成私钥的第一步。

您能帮助我吗?请构建一个简单的示例来签署和验证单个邮件吗?

以下是我从 IAIK-JCE 到目前为止的代码示例:

   /**
     * Contains some basic pairing examples, including the usage of Type-2 and
     * Type-3 curves and hashing onto curves (onto curve 1 for Type-2 and onto
     * curve 1 and 2 for Type-3 pairings). Note that hashing to curve 2 is not
     * possible in case of Type-2 pairings.
     *
     * @param size the size of the curve to be used
     * @throws NoSuchAlgorithmException
     */
    private static void run(final int size) throws NoSuchAlgorithmException {
        // create Type-3 pairing
        final Pairing pairing3 = AtePairingOverBarretoNaehrigCurveFactory
                .getPairing(PairingTypes.TYPE_3, size);

        EllipticCurve g1 = pairing3.getGroup1();
        EllipticCurve g2 = pairing3.getGroup2();
        GenericField target = pairing3.getTargetGroup();


        System.out.println("---");
        System.out.println("Type-3 pairing:");
        System.out.println("G1: " + g1);
        System.out.println("G2: " + g2);
        System.out.println("target group: " + target);

        // obtain generators of the two curves
        ECPoint g1Generator = g1.getGenerator();
        ECPoint g2Generator = g2.getGenerator();

        System.out.println("---");
        System.out.println("p = " + g1Generator);
        System.out.println("q = " + g2Generator);

        // compute pairing of p and q
        GenericFieldElement t = pairing3.pair(g1Generator, g2Generator);

        System.out.println("---");
        System.out.println("e(p,q) = " + t);

        // hash onto curve 1
        final ECPoint p2 = g1.hashToPoint(iaik.utils.Util.toByteArray("Test hashing onto curve 1"));


        // get scalars
        final SecureRandom random = SecurityStrength
                .getSecureRandom(SecurityStrength.getSecurityStrength(g1.getField().getFieldSize()));
        BigInteger k1 = new BigInteger(size - 1, random);
        BigInteger k2 = new BigInteger(size - 1, random);

        // multiply points from curve 2 with scalars
        ECPoint r = g2Generator.clone().multiplyPoint(k1);
        ECPoint s = g2Generator.clone().multiplyPoint(k2);

        System.out.println("r: " + r);
        System.out.println("s: " + s);


        // compute pairing of p2 and r, and p2 and s
        GenericFieldElement[] ts = pairing3.pair(p2, new ECPoint[]{r, s});

        System.out.println("e(p2,r) = " + ts[0]);
        System.out.println("e(p2,s) = " + ts[1]);

        // hash onto curve 2
        final ECPoint q2 = g2.hashToPoint(iaik.utils.Util.toByteArray("Test hashing onto curve 2"));

        // multiply points from curve 1 with scalars
        r = g1Generator.clone().multiplyPoint(k1);
        s = g1Generator.clone().multiplyPoint(k2);

        // compute pairing of q2 and r, and q2 and s
        ts = pairing3.pair(new ECPoint[]{r, s}, q2);

        System.out.println("e(r,q2) = " + ts[0]);
        System.out.println("e(s,q2) = " + ts[1]);

        System.out.println("---");
    }

    @Override
    public boolean run() {
        System.out.println("IAIK Pairing Demo");
        System.out.println();

        try {
            run(256);
        } catch (final Exception e) {
            System.out.println("Error: " + e.getMessage());

            return false;
        }

        return true;
    }

    public static void main(final String[] args) {
        new Main().run();
    }

它输出:

---
Type-3 pairing:
G1: ext. Jacobian E/F_ba139ec2401edc28fb605c6b53e289b51311aca0d477df46feee89b1622c349b w. a=00000000, b=00000003
G2: ext. Jacobian E/F_ba139ec2401edc28fb605c6b53e289b51311aca0d477df46feee89b1622c349b/(X^2-ba139ec2401edc28fb605c6b53e289b51311aca0d477df46feee89b1622c349a) w. a=00000000 + 00000000i, b=00000003 + 00000003i
target group: (F_ba139ec2401edc28fb605c6b53e289b51311aca0d477df46feee89b1622c349b/(X^2-ba139ec2401edc28fb605c6b53e289b51311aca0d477df46feee89b1622c349a))/(X^6-(00000001 + 00000001i))
---
p = (00000001 : ba139ec2401edc28fb605c6b53e289b51311aca0d477df46feee89b1622c3499 : 00000001 : 00000001)
q = (699235e63bd94d51548c2e1d57dd658d238fd96fe418721c59172a4eb324274c + 0f3516436dbce492a68ebb406bc515ab8ebd2925caf01c711e75c422e6c8aca3i : 88357041e9bd66d654703ddbee1b0de7a9c0f6a430791e083176a5610efef314 + 737ce191f291c8845d5ca6cc8a76f0d20f31fd3b444e88984e1b267846268d8ai : 00000001 + 00000000i : 00000001 + 00000000i)
---
e(p,q) = (a94dd52af16ac4c868f6a65e8afbd7b7da5ac83b6bf3dc56006a02cb2593cd0c + 7bd8e09b5b3a3848d37eab855ff7b36d1bc4d6585868faf39af11e9e05a1d2aai, 60f12ec3f44243e53f9439a119838b7d5705ccbf6a2bbca5adeddc386f17f586 + 5f7cab2ac94c95ecb2e88d6bb3e65d81a0116ca60fdb4f0f3eb2614f149e1c9ai, 2983e255eec9d20f9f898506358c5f69ecffc8d936c68f879fe771e0335d87d4 + 905a0fcee353d979c5ab5eccd43e475eaf36dd4f4caa92b5f0d48c9a974be3dai, 3953c0b4af9af99855b6d2d15c0f5f2db3abee65ca116d272a5fe18c78a2cc1f + 0d8a8da7526ae1d1982a535aa1cd95a076b1811673cae0b2170e37d2ed812c33i, 996d381cba84679590b2a0c32b68e48a99a376ef3a8b85008c0ad29d015da991 + 1138dd84e4751228c237dec20b72b8068f64e629ba2c97ca0e1eb3a2aa07849ei, 702e0ff820b114eb8dc3b9e97300c6f990ba3dc763cb5685cfdc53182991d1db + 5c0d866b8a0d1a0fe00b0daa3b4f2240a9eb4117fcf7192096003f3344f1c8f3i)
r: (521e690d616b00bf994f0827ed59263320f973f6835166c3f607765ff49fb660 + 132f56183169a3f320c9bdc8b49e0ae86e75c7fc1d89de0ba986600865dc27cdi : 1cc33a0c3acda1614c43dc33d73c25c91513165a1132e57c97d3098c5ced1007 + 06161ead9e5c8e2ea35283528901f1114b6206afc114d9f2e88883bf8fdb6661i : 1d43f333046c2017d6c603e485437ee765f198dca362edb8262e9e44e5cf99c7 + b3496dcf8c0c376c65b3ee53cdb835c6d14920e26f6ac2c32e9d4c130046f14ai : 2b3d51a144d7c9cf8a11c6e778ab1f8937382bee36a750b83bc91e5dc018a5ed + 3f14d2c593f26bfec90c4f3d6fd8e7b27e43ba534ffd1febf258dd788847fb4ei)
e(p2,r) = (1e48382aecd4ea0a6eed04ce592f06791fab0dcd027c00766f98137a71d606e5 + 04e5e74366d03bd9a54499a3323b2e7b72eeb99f5ee8fe46a18395f634b6224ci, 24de58759cf1377d5830c830d1d0902cc66c1c3f1361aa1a4507266f98e1ec21 + 661afc8e156c2e39f426213fdab207302257f0e5960a980567dfa9a11b45f0dei, b544aa91abf6b3892fbc40593a1d464475b9b69be7b2967515aeb3f2c0907369 + aee0c0ee0d6c7bac2abce6472b81e9c8b8f071da26ebbbc2d286f93083b40899i, 8fc0ffa9c2cfbe7e282223808036887a20ce5438569b07d34950b873381d0727 + b1bd58a6cb88de43970d4d970c8c15dc14892c1f501d400afc153848fe136f97i, 84451776a746ac0553eef99fec947d9893193fd0f7c35c7a2a8b202e42f2ac7b + 34a481a6f50337a35189ced27e7f496951d4ff142c5385f27b8138686dcb7043i, ae24a6c1b9da20a41b8792f4ac4d99839d099037a59310e59060a7d169f7502f + 30bae55cda364da63fe6bd193ac0301592457570b1524fbcab7f2b596edf49bei)
e(p2,s) = (5a9fd1aafedfb6a596b3e2781ed2e97056e06fb0f09357b69af4aa76aa8ff1ed + 88259021e86c2118933c50285f20ce74b7b0cedbd7197e1a533a116ba18cd9f1i, 9e4faf20f6782d34a7e25ebffbbe272774e11facf737165f299eb6a26969e9e3 + 287f56a8bf324f6f56a82e2dda966f2184420f26aed784bfcb38cde9a2407405i, 14a30d4b1d971f7c1a7cc61f56ee44eacf6ba9e99c370ef593f68717cffa0493 + 6d208db7ab26560b0f2179cf7c824d4935fa3a07be7f4169f3e6c59b37a5de0ai, 12e704b8a0f97a34c4b0b870b8d50d8bb37aef5412581df7c5ed260c6d82c349 + 1bfe6d1d4baaf16cd3b5ee733d4e614c5cc19dca1cf3cec70e01e240768f79d3i, a894c1f62057620313de3c26470ce44c6d510fc850950b6e2c7478cb1d7dd3f3 + 2911de4f9dd95e2b7896b903c19e6d630d627853035239f187af3d7596e4cc4fi, 4b64d86c73ae1ea37780c187aed4e35057e007653d4d61ab34c14d1227686cc3 + 9e9200baea012a0c0d1fe914360f5a4bbfdbd032e5607ac7dc3177950aa18a58i)
e(r,q2) = (6f8cf3a0658e883bc366107dca53b0d76b0f6f6f7ef74cb4e61b2aa8ab601e8b + 35b9be4155c4434ede6bde0672c39ec0c4f462ee8c27a06415fd18a53ccaf5cei, 4b1b8eb429cb3a71b7e27b017a740ae4f7b6359e5c044f4cd6c2c588834c0169 + 2867122dd3f54bab64bcec5df5b4300c6ea7fcc6f4969d9e5935cdaacaee817di, 17bc103e92added726cd25c7141f707210212036e5252ad7cd24060fc254df6a + 010d499c20ade19e48e410460b1932dc112fd7953da08b5cfd89b53a99f2244bi, 18358eb20e9efb4aa4baef1b64f0fa2df2e17e7b05cfc4d7e5d9eeed3b784076 + 5f9b23465fd8cf3f5daf81bde23e45972e2c6376c066cccb7877617ebf4d7483i, 61d4ff939fcfb7de27becd5bdf311a98593fa2ca1ab34eeb369882cb821ea108 + 0a093f1713d049952218cd0852e2f3e023bb7ee8665c56cce69b6bc3c474e131i, afadf9f17edda1bd4e01cdae14bc0305baf40394da29edf0841b2e8633d12513 + 59845d3902056aa215bb12ccfdefe5060e42e2e8f6a614d3150b8ee185525f29i)
e(s,q2) = (57dcf60ee4369e9858d1dd467f5ec891e461fea0c94cb6bd9bc82aed91d907fb + 91f2801c495392b484f9d21d7181b9a03dfd4b087160ec4d070388f258f095e1i, 8b9241d6475e23fd2a2bd234fd8cbfba4063693d40e0b38640ea817cb8b79712 + 584db86871f773a37e3772b1ecf6f2df98da96cacafcd9a6857fae64789e6ea6i, 4d21aef28f52b15504f2acff346112f3f62301631acc2896c91cb73a0f2ecf3f + 2a069b2403057f081e40d88882df4f69b09360116566dde6635eba4be128a5a9i, 5005c52502d0e10132c013566f529ab1756bf6484dbc95c005ac819f0efd51b0 + 805cad8dd3d4d609c4ba20a774e2e5fda8ff44f5dd306538203c7dbca3453ebei, 8d77f775f53b4b5e2bd3c841237841849c22c6d13b3920ce24489fa5f453eba9 + a162fe065ebf64fb4e126cab783e4a925043442f780c0366d179a043e279beb6i, 8c26c60b80127e0544fea0ac66934c00fc909dadab8d1f22f3ee7f0db037dd2b + abccff963161c1947b9d470cae596506a3f1ae84f660e1861410e095a5d2f9efi)
---

0 个答案:

没有答案
相关问题
最新问题