serai/crypto/ciphersuite
Luke Parker 0bbf511062
Add 'static/Send/Sync to specific traits in crypto
These were proven necessary by our real world usage.
2023-03-07 02:38:47 -05:00
src Add 'static/Send/Sync to specific traits in crypto 2023-03-07 02:38:47 -05:00
Cargo.toml Update to {k, p}256 0.12 2023-03-07 02:34:10 -05:00
LICENSE Create a dedicated crate for the DKG (#141) 2022-10-29 03:54:42 -05:00
README.md 3.5.2 Add more tests to ff-group-tests 2023-02-24 06:03:56 -05:00

Ciphersuite

Ciphersuites for elliptic curves premised on ff/group.

Secp256k1/P-256

Secp256k1 and P-256 are offered via k256 and p256, two libraries maintained by RustCrypto.

Their hash_to_F is the IETF's hash-to-curve, yet applied to their scalar field.

Ed25519/Ristretto

Ed25519/Ristretto are offered via dalek-ff-group, an ff/group wrapper around curve25519-dalek.

Their hash_to_F is the wide reduction of SHA2-512, as used in RFC-8032. This is also compliant with the draft RFC-RISTRETTO. The domain-separation tag is naively prefixed to the message.

Ed448

Ed448 is offered via minimal-ed448, an explicitly not recommended, unaudited, incomplete Ed448 implementation, limited to its prime-order subgroup.

Its hash_to_F is the wide reduction of SHAKE256, with a 114-byte output, as used in RFC-8032. The domain-separation tag is naively prefixed to the message.
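The two wide-reduction constructions described for Ed25519/Ristretto and for Ed448, as an added Python example that is not code from this crate. The function names, the little-endian decoding (RFC 8032's convention) and the length-framed variant are assumptions made for illustration; the inputs are constructed to show what a naively prefixed tag means for callers.

```python
import hashlib

# Prime-order subgroup sizes from RFC 8032 (Ristretto shares Ed25519's).
L_25519 = 2**252 + 27742317777372353535851937790883648493
L_448 = 2**446 - 13818066809895115352007386748515426880336692474882178609894547503885


def hash_to_f_25519(dst: bytes, msg: bytes) -> int:
    """SHA2-512 over dst || msg, wide-reduced into the scalar field."""
    digest = hashlib.sha512(dst + msg).digest()  # 64 bytes, ~2x the field size
    return int.from_bytes(digest, "little") % L_25519


def hash_to_f_448(dst: bytes, msg: bytes) -> int:
    """SHAKE256 over dst || msg with a 114-byte output, wide-reduced."""
    digest = hashlib.shake_256(dst + msg).digest(114)
    return int.from_bytes(digest, "little") % L_448


def framed_hash_to_f_25519(dst: bytes, msg: bytes) -> int:
    """Hypothetical variant: a one-byte length before the tag fixes the boundary."""
    if len(dst) > 255:
        raise ValueError("tag too long for a one-byte length")
    return hash_to_f_25519(bytes([len(dst)]) + dst, msg)


def boundary_is_ambiguous(hash_fn) -> bool:
    """True if moving a byte from the tag to the message leaves the scalar unchanged."""
    # Constructed inputs: both pairs concatenate to b"abc".
    return hash_fn(b"ab", b"c") == hash_fn(b"a", b"bc")


if __name__ == "__main__":
    for name, fn in [("25519", hash_to_f_25519), ("448", hash_to_f_448),
                     ("25519 framed", framed_hash_to_f_25519)]:
        print(name, "ambiguous tag/message boundary:", boundary_is_ambiguous(fn))
```

With naive prefixing, two (tag, message) pairs can only collide this way when one tag is a prefix of the other, so callers should keep their domain-separation tags prefix-free or fixed-length.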