mirror of
https://github.com/serai-dex/serai.git
synced 2024-10-31 09:27:37 +00:00
13977f6287
Encryption used to be inlined into FROST. When writing the documentation, I realized it was decently hard to review. It also was antagonistic to other hosted DKG algorithms by not allowing code re-use. Encryption is now a standalone module, providing clear boundaries and reusability. Additionally, the DKG protocol itself used to use the ciphersuite's specified hash function (with an HKDF to prevent length extension attacks). Now, RecommendedTranscript is used to achieve much more robust transcripting and remove the HKDF dependency. This does add Blake2 into all consumers yet is preferred for its security properties and ease of review.
15 lines
745 B
Markdown
# Distributed Key Generation

Serai uses a modification of Pedersen's Distributed Key Generation, which is
actually Feldman's Verifiable Secret Sharing Scheme run by every participant, as
described in the FROST paper. The modification included in FROST was to include
a Schnorr Proof of Knowledge for coefficient zero, preventing rogue key attacks.
This results in a two-round protocol.

### Encryption

In order to protect the secret shares during communication, the `dkg` library
additionally sends an encryption key. These encryption keys are used in an ECDH
exchange to derive a shared key. This key is then hashed to obtain two keys and
IVs, one for sending and one for receiving, with the given counterparty.
ChaCha20 is used as the stream cipher.
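
The directional derivation described above, as an added example (not code from the `dkg` library): a constructed 32-byte value stands in for the ECDH output, and the BLAKE2b labelling by participant index, the function names and the 12-byte IV are assumptions. It shows both parties arriving at mirrored send and receive keys, so the two directions never share a ChaCha20 keystream.

```python
import hashlib
import struct

M = 0xFFFFFFFF
ROUNDS = ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
          (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14))

def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & M

def _qr(s, a, b, c, d):
    # ChaCha quarter round (RFC 8439, section 2.1)
    for x, y, z, r in ((a, b, d, 16), (c, d, b, 12), (a, b, d, 8), (c, d, b, 7)):
        s[x] = (s[x] + s[y]) & M
        s[z] = _rotl(s[z] ^ s[x], r)

def chacha20(key, iv, data, counter=0):
    """XOR data with the ChaCha20 keystream (32-byte key, 12-byte IV)."""
    out = bytearray()
    for off in range(0, len(data), 64):
        ctr = struct.pack("<I", counter + off // 64)
        init = struct.unpack("<16I", b"expand 32-byte k" + key + ctr + iv)
        s = list(init)
        for _ in range(10):  # 10 double rounds = 20 rounds
            for idx in ROUNDS:
                _qr(s, *idx)
        block = struct.pack("<16I", *((x + y) & M for x, y in zip(s, init)))
        out += bytes(p ^ k for p, k in zip(data[off:off + 64], block))
    return bytes(out)

def direction_key(shared, sender, receiver):
    """Key and IV for messages from sender to receiver.
    The BLAKE2b labelling is an assumption, not the dkg library's transcript."""
    label = b"example-dkg-encryption" + struct.pack("<HH", sender, receiver)
    okm = hashlib.blake2b(label, key=shared, digest_size=44).digest()
    return okm[:32], okm[32:]

def channel(shared, me, them):
    """Return ((send_key, send_iv), (recv_key, recv_iv)) for participant me."""
    return direction_key(shared, me, them), direction_key(shared, them, me)

# Constructed stand-in for the ECDH output both participants compute.
SHARED = hashlib.blake2b(b"constructed ECDH output", digest_size=32).digest()

def demo():
    a_send, a_recv = channel(SHARED, 1, 2)
    b_send, b_recv = channel(SHARED, 2, 1)
    ct = chacha20(*a_send, b"share for participant 2")
    mirrored = a_send == b_recv and a_recv == b_send and a_send != a_recv
    return chacha20(*b_recv, ct), mirrored
```

If both directions used one key and IV, XORing a ciphertext from each side would cancel the keystream and expose the XOR of the two plaintexts, which is what the separate sending and receiving keys prevent.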