Commit
Zellic 3.4: Bias in hashToField function
The function hashToField is used to hash a uint256 value to Fp. The resulting value is later mapped to a point on an elliptic curve with the function mapToG2. The message is first hashed with the keccak256 function and then transformed to a value in the finite field with the function maskBits:

```solidity
// This matches mcl maskN, this only takes the 254 bits for the field, if it is still greater than the field then take the 253 bits
// byteSwap and FIELD_MODULUS are defined elsewhere in the contract; the mask is applied to the
// little-endian word, so clearing 0xC0 / 0xE0 in the low byte clears the top 2 / 3 bits of the value.
function maskBits(uint256 input) internal pure returns (uint256) {
    uint256 mask = ~uint256(0) - 0xC0;
    if (byteSwap(input & mask) >= FIELD_MODULUS) {
        mask = ~uint256(0) - 0xE0;
    }
    return input & mask;
}
```

The first two bits of the value are set to zero, and then if the value is still bigger than p, the next bit is masked to zero. It means that the values between p and 2^254−1 are mapped to a value between p−2^253 and 2^253−1. Values between zero and p are left unchanged, resulting in values in the range [p−2^253, 2^253−1] having twice the probability to be chosen as output.

---

Our solution to this is to implement RFC 9380. The implementation has largely been taken from Hopr's crypto implementation of RFC 9380 tweaked for the BLS use case.
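The bias described in the commit message, and the RFC 9380 construction that replaces it, as an added example (this is not the project's code and not Hopr's implementation): an integer model of the old maskBits, an exact preimage count showing which outputs are hit twice, and a from-scratch expand_message_xmd / hash_to_field in the RFC's generic form. Assumptions: FIELD_MODULUS is the BN254 base-field prime, the hash used inside expand_message_xmd is SHA-256 (the RFC's reference expander; the project's own choice of hash and domain separation tag is not shown on this page), and the DST strings are made up for the demonstration.

```python
import hashlib
import random

# BN254 (alt_bn128) base-field modulus; assumed to be the FIELD_MODULUS of the
# Solidity maskBits in the commit message.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617

# The doubly-likely output range [p - 2^253, 2^253 - 1] named in the commit message.
LOW, HIGH = P - (1 << 253), (1 << 253) - 1


def mask_bits(x: int) -> int:
    """Integer model of the old maskBits: clear the top two bits of a 256-bit
    value (254 bits remain); if the result is still >= P, clear bit 253 as well.
    The Solidity version masks the little-endian word and byteSwaps before the
    comparison, which has the same effect on the integer value."""
    x &= (1 << 254) - 1
    if x >= P:
        x &= (1 << 253) - 1
    return x


def preimage_count(y: int) -> int:
    """How many 254-bit inputs maskBits maps onto y. The only candidates are y
    itself and y + 2^253 (the value whose bit 253 gets cleared); the two always-
    cleared top bits multiply every count by the same constant and are ignored."""
    return sum(1 for x in (y, y + (1 << 253)) if x < (1 << 254) and mask_bits(x) == y)


def expand_message_xmd(msg: bytes, dst: bytes, len_in_bytes: int) -> bytes:
    """RFC 9380 section 5.3.1 expand_message_xmd, instantiated with SHA-256
    (b_in_bytes = 32, s_in_bytes = 64)."""
    b_in_bytes, s_in_bytes = 32, 64
    ell = -(-len_in_bytes // b_in_bytes)  # ceil division
    if ell > 255 or len_in_bytes > 65535 or len(dst) > 255:
        raise ValueError("expand_message_xmd parameters out of range")
    dst_prime = dst + bytes([len(dst)])
    msg_prime = bytes(s_in_bytes) + msg + len_in_bytes.to_bytes(2, "big") + b"\x00" + dst_prime
    b0 = hashlib.sha256(msg_prime).digest()
    blocks = [hashlib.sha256(b0 + b"\x01" + dst_prime).digest()]
    for i in range(2, ell + 1):
        xored = bytes(a ^ c for a, c in zip(b0, blocks[-1]))
        blocks.append(hashlib.sha256(xored + bytes([i]) + dst_prime).digest())
    return b"".join(blocks)[:len_in_bytes]


def hash_to_field(msg: bytes, dst: bytes, count: int = 1) -> list:
    """RFC 9380 section 5.2 hash_to_field for the prime field of P with m = 1 and
    k = 128: L = ceil((254 + 128) / 8) = 48 bytes per element, reduced mod P.
    Reducing a 384-bit value leaves a bias of about 2^-128 instead of a factor of 2."""
    L = 48
    uniform = expand_message_xmd(msg, dst, count * L)
    return [int.from_bytes(uniform[i * L:(i + 1) * L], "big") % P for i in range(count)]


def in_biased_range(y: int) -> bool:
    return LOW <= y <= HIGH


def biased_fraction(n: int, seed: int = 1) -> float:
    """Fraction of maskBits outputs that land in [P - 2^253, 2^253 - 1] for n
    seeded pseudo-random 256-bit inputs (constructed test data). A uniform
    element of F_p lands there with probability (2^254 - P) / P, about 0.32;
    maskBits lands there with probability 2 * (2^254 - P) / 2^254, about 0.49."""
    rng = random.Random(seed)
    hits = sum(in_biased_range(mask_bits(rng.getrandbits(256))) for _ in range(n))
    return hits / n


def rfc_fraction(n: int, seed: int = 1) -> float:
    """Same measurement for hash_to_field over n seeded random 32-byte messages."""
    rng = random.Random(seed)
    dst = b"EXAMPLE-DST-NOT-A-STANDARD-SUITE"  # made-up domain separation tag
    hits = 0
    for _ in range(n):
        msg = rng.getrandbits(256).to_bytes(32, "big")
        hits += in_biased_range(hash_to_field(msg, dst)[0])
    return hits / n


if __name__ == "__main__":
    # Outputs just inside the range have two preimages, just outside only one.
    print([preimage_count(y) for y in (LOW - 1, LOW, HIGH, HIGH + 1)])
    print("maskBits:", biased_fraction(4000), "hash_to_field:", rfc_fraction(4000))
```

The expand_message_xmd implementation can be checked against the RFC 9380 Appendix K.1 vectors (DST `QUUX-V01-CS02-with-expander-SHA256-128`) before it is trusted; a port that fixes the bias but disagrees with the RFC on msg_prime layout or DST_prime will still not interoperate with other implementations.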
Showing 10 changed files with 496 additions and 92 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -19,4 +19,5 @@ set(test_sources | |
src/basic.cpp | ||
src/basic_ethereum.cpp | ||
src/rewards_contract.cpp | ||
src/hash.cpp | ||
) |
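Review bot: src/hash.cpp is added to test_sources, but nothing in this hunk shows what it covers; since the commit replaces maskBits with an RFC 9380 hash_to_field, this test should at minimum include the RFC's published expand_message known-answer vectors for the chosen hash, plus a check that outputs lie in [0, p) and that the old doubly-likely range [p−2^253, 2^253−1] is no longer over-represented, otherwise a port that removes the bias but diverges from the RFC's msg_prime or DST_prime layout would still pass.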