Cryptography Foundation

We will learn about the cryptography foundation behind the Desig Protocol.

Last updated 1 year ago

Cryptography Foundation

We will learn about the cryptography foundation behind the Desig Protocol.

Elliptic Curve Digital Signature Algorithms

Based on the article , most current blockchains support 2 well-adopted Elliptic Curve Digital Signature Algorithms namely EdDSA (Ed255519), and ECDSA (Secp256k1). By success to integrate them, Desig Protocol can fully serve the multisig solution to Bitcoin, Ethereum, BSC, Solana, Near, Cardano, Avalanche, and many others.

EdDSA (Ed25519)

s = r + H(R,Pub,m)*Priv

ECDSA (Secp256k1)

s = r^{-1}*(H(m)+R_x*Priv)

We shared the same notations in both algorithms.

m: message
s: signature
r: random scalar
R: on-curve point corresponding to r
H: hash function
Pub/Priv: public and private key

In Desig Protocol, we target to build a layer-0 multisig solution, or chain-neutral multisig solution which means we are not using a smart contract as a layer for the multisig to consent and execute the transactions. Instead, the Desig protocol will cryptographically split a private key to multiple shares. By each share, shareholders can independently sign on the raw transaction and combine results into a single signature which is equivalent to the original signature. To build such a protocol, we employed Shamir's Secret Sharing Scheme.

f(0) = \sum_{j=0}^{k-1}y_j \prod_{i=0,i \neq j}^{k-1} \frac{x_i}{x_i-x_j}

ElGamal Encryption

This version is specialized to the aforementioned Elliptic Curves. ElGamal Encryption is working well in the context that people can encrypt a message by your public key, then you can decrypt it by the private key.

Key Generation

Pub = G * Priv

Encryption

E(m) = \{c=m+r*Pub, s= r*G\}

Decryption

D(c,s,Priv) = \{m=c-s*Priv\}

References

PreviousHello, world!NextKeypair Scheme

Last updated 1 year ago

Elliptic Curve Digital Signature Algorithms

EdDSA (Ed25519)

s = r + H(R,Pub,m)*Priv

ECDSA (Secp256k1)

s = r^{-1}*(H(m)+R_x*Priv)

We shared the same notations in both algorithms.

m: message
s: signature
r: random scalar
R: on-curve point corresponding to r
H: hash function
Pub/Priv: public and private key

f(0) = \sum_{j=0}^{k-1}y_j \prod_{i=0,i \neq j}^{k-1} \frac{x_i}{x_i-x_j}

The list of points on the polynomial is given as k pairs of the form .

ElGamal Encryption

Key Generation

Pub = G * Priv

Encryption

E(m) = \{c=m+r*Pub, s= r*G\}

Decryption

D(c,s,Priv) = \{m=c-s*Priv\}

References

[1] Bernstein, Daniel J., et al. International Workshop on Cryptographic Hardware and Embedded Systems. Springer, Berlin, Heidelberg, 2011.

[2] Bernstein, Daniel J., et al. International Conference on Cryptology and Information Security in Latin America. Springer, Cham, 2014.

[3] Bogdanov, Dan. University of Tartu, Institute of Computer Science 1 (2007).

[4] ECDSA: Elliptic curve signatures. ECDSA: Elliptic Curve Signatures - Practical Cryptography for Developers. (n.d.). Retrieved November 30, 2022, from

[5] ElGamal encryption. (2022, November 23). In Wikipedia.

[6] ElGamal, Taher. IEEE transactions on information theory 31.4 (1985): 469-472.

[7] Escudero, Daniel. Cryptology ePrint Archive (2022).

[8] Gennaro, Rosario, and Steven Goldfeder. Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. 2018.

[9] Gennaro, Rosario, and Steven Goldfeder. Cryptology ePrint Archive (2020).

[10] Iwamura, Keiichi, and Ahmad Akmal Aminuddin Mohd Kamal. Cryptology ePrint Archive (2019).

[11] Pieprzyk, Josef, Hossein Ghodosi, and Ron Steinfeld. NTU, Singapore, September (2011).

[12] Shingu, Takeshi, Keiichi Iwamura, and Kitahiro Kaneda. DCNET. 2016.

[13] Shamir, Adi. Communications of the ACM 22.11 (1979): 612-613.