Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: ed25519 digital signature scheme #179

Merged
merged 21 commits into from
Jan 23, 2025
Merged
Show file tree
Hide file tree
Changes from 11 commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions .codespell-ignore
Original file line number Diff line number Diff line change
Expand Up @@ -2,3 +2,4 @@ ronkathon
crate
nd
te
SHS
19 changes: 19 additions & 0 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 7 additions & 5 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -6,21 +6,23 @@ license ="MIT OR Apache-2.0"
name ="ronkathon"
repository ="https://github.com/pluto/ronkathon"
version ="0.1.0"
exclude =["CHANGELOG.md", "src/tree/ConstructMerkleTree.gif"]
exclude =["CHANGELOG.md", "src/tree/ConstructMerkleTree.gif", "src/dsa/keygen.gif", "src/dsa/sign_and_verify.gif"]

[dependencies]
rand ="0.8"
itertools="0.13"
hex ="0.4"
rand ="0.8"
itertools ="0.13"
hex ="0.4"
crypto-bigint ="0.6.0-rc.6"
mrdaybird marked this conversation as resolved.
Show resolved Hide resolved

[dev-dependencies]
rstest ="0.23"
pretty_assertions ="1.4"
sha2 ="0.10"
sha2 ="0.10"
ark-ff ={ version="0.5", features=["std"] }
ark-crypto-primitives={ version="0.5", features=["sponge"] }
des ="0.8"
chacha20 ="0.9"
hex-literal ="0.4"

[[bin]]
name="hmac_sha256_bin"
Expand Down
51 changes: 51 additions & 0 deletions src/dsa/README.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
# Digital Signature Algorithms (DSA)

### What are digital signatures?

Like its name, **Digital Signatures** are digital analogs of physical signatures. For example, when you want to write a cheque you have to "sign" it for authentication purposes. But think about how you would do the same over the internet.
Here is where **Digital Signatures** come into the picture.

**Digital Signatures** have the following properties:
1. **Authenticity**: Just like physical signatures, digital signatures provide a way to verify the identity of a signer.
2. **Integrity**: Digital signatures provide a mechanism to detect unauthorized modification to a message.
3. **Non-repudiation**: Digital signatures have a nice property that once a signer signs a message, they cannot deny having done so.

### How does a digital signature scheme look like?

Digital signature schemes consists of three algorithms $\text{Gen, Sign, Verify}$, such that:

1. The key generation algorithm, $\text{Gen}$ which takes in the security parameter $n$ and outputs public key, $\text{pk}$ and private key, $\text{sk}$.
2. The signing algorithm $\text{Sign}$ takes as input the keys and a message and outputs a signature.
3. The verification algorithm $\text{Verify}$, takes as input the public key, a message, and a signature.
It outputs bit 1 if the signature is valid for the given message and public key, otherwise 0.

### How is a digital signature scheme used?

To explain how digital signature schemes are used, let's take the example of two people, Bobby and Alex.
Bobby is the one whose signature is required, so Bobby will run the $\text{Gen(n)}$ algorithm to obtain, $\text{pk, sk}$.
Then, the public key, $\text{pk}$, is publicized as belonging to Bobby. This not only provides authentication but also ensures non-repudiation. This one of the critical parts of a secure digital signature scheme.
You can read more on this here: [Public key infrastructure](https://en.wikipedia.org/wiki/Public_key_infrastructure)

![](./keygen.gif)

Now when Alex sends a message(document, contract, etc.), $m$, for Bobby to sign, they compute the signature, $s$ as, $s\leftarrow\text{Sign(sk,m}** and sents $s$ to Alex or any other party who wants to take a look.
mrdaybird marked this conversation as resolved.
Show resolved Hide resolved
Now, any party who wants to see if Bobby signed the document or not, applies the verification algorithm using the public key as $\text{Verify(pk,m,s)}$. Thus Alex or any other party can be sure of the authenicity of
the signature as well as the integrity of the message.

![](./sign_and_verify.gif)

### When is a signature scheme said to be secure?

A digital signature scheme is said to be secure if an adversary is unable to generate a forgery, that is, a message (not previously signed) and a valid signature for a fixed public key, in any case.

### Examples of digital signature scheme

1. Elliptic Curve Digital Signature Scheme(ECDSA)
2. Edwards-Curve Digital Signature Scheme(EdDSA)

## References

1. "Introduction to Modern Cryptography" by Jonathan Katz and Yehuda Lindell
2. [Digital Signatures](https://asecuritysite.com/signatures)


7 changes: 2 additions & 5 deletions src/ecdsa.rs → src/dsa/ecdsa.rs
Original file line number Diff line number Diff line change
@@ -1,10 +1,8 @@
//! ECDSA signature verification
use std::hash::{DefaultHasher, Hasher};

use algebra::field::FiniteField;
use curve::CurveGroup;

use super::*;
use crate::{algebra::field::FiniteField, curve::CurveGroup};

// PARAMETERS
// *******************************************
Expand Down Expand Up @@ -118,9 +116,8 @@ fn hash_and_extract_bits<F: Field>(m: &[u8], bit_count: usize) -> F {

#[cfg(test)]
mod tests {
use algebra::{field::prime::PlutoScalarField, group::FiniteCyclicGroup, Finite};

use super::*;
use crate::algebra::{field::prime::PlutoScalarField, group::FiniteCyclicGroup, Finite};

#[test]
fn test_sign_verify() {
Expand Down
Loading
Loading