mirror of
https://github.com/serai-dex/serai.git
synced 2025-01-22 10:44:53 +00:00
13977f6287
Encryption used to be inlined into FROST. When writing the documentation, I realized it was decently hard to review. It also was antagonistic to other hosted DKG algorithms by not allowing code re-use. Encryption is now a standalone module, providing clear boundaries and reusability. Additionally, the DKG protocol itself used to use the ciphersuite's specified hash function (with an HKDF to prevent length extension attacks). Now, RecommendedTranscript is used to achieve much more robust transcripting and remove the HKDF dependency. This does add Blake2 into all consumers yet is preferred for its security properties and ease of review.
745 B
Distributed Key Generation
Serai uses a modification of Pedersen's Distributed Key Generation, which is actually Feldman's Verifiable Secret Sharing Scheme run by every participant, as described in the FROST paper. The modification introduced in FROST was to include a Schnorr Proof of Knowledge for coefficient zero, preventing rogue key attacks. This results in a two-round protocol.
Encryption
In order to protect the secret shares during communication, the dkg library additionally sends an encryption key. These encryption keys are used in an ECDH to derive a shared key. This key is then hashed to obtain two keys and IVs, one for sending and one for receiving, with the given counterparty. ChaCha20 is used as the stream cipher.
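To make that flow concrete, the following is an added example and not the serai dkg code. It stands in a toy finite-field Diffie-Hellman group for the curve ECDH, uses blake2b with constructed labels (`dkg-share-key`, `dkg-share-iv`) in place of the library's transcript-based hashing, binds the sender and receiver participant indices into the derivation so that the send and receive key/IV pairs differ, and implements ChaCha20 per RFC 8439 so it runs with only the standard library. The `Participant` class, its method names, and the DH parameters are this example's own choices.

```python
# Added example (not serai's code): sketch of the share-encryption flow. Toy modular
# Diffie-Hellman stands in for curve ECDH, blake2b with constructed labels stands in
# for the library's hashing, and ChaCha20 follows RFC 8439 (stdlib only).
import hashlib
import secrets
import struct

# Constructed DH parameters chosen for readability of the example only.
DH_PRIME = 2**127 - 1
DH_BASE = 3
MASK32 = 0xFFFFFFFF


def _rotl(v, c):
    return ((v << c) & MASK32) | (v >> (32 - c))


def _quarter_round(s, a, b, c, d):
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & MASK32; s[d] = _rotl(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & MASK32; s[b] = _rotl(s[b] ^ s[c], 7)


def chacha20_block(key, counter, nonce):
    """One 64-byte keystream block (RFC 8439 section 2.3): 32-byte key, 12-byte nonce."""
    raw = b"expand 32-byte k" + key + struct.pack("<I", counter) + nonce
    state = list(struct.unpack("<16I", raw))
    w = state[:]
    for _ in range(10):  # 20 rounds = 10 column/diagonal double rounds
        for q in ((0, 4, 8, 12), (1, 5, 9, 13), (2, 6, 10, 14), (3, 7, 11, 15),
                  (0, 5, 10, 15), (1, 6, 11, 12), (2, 7, 8, 13), (3, 4, 9, 14)):
            _quarter_round(w, *q)
    return struct.pack("<16I", *[(x + y) & MASK32 for x, y in zip(w, state)])


def chacha20_xor(key, nonce, data, counter=1):
    """Stream-cipher XOR: the same call encrypts and decrypts."""
    out = bytearray()
    for i in range(0, len(data), 64):
        block = chacha20_block(key, counter + i // 64, nonce)
        out += bytes(x ^ y for x, y in zip(data[i:i + 64], block))
    return bytes(out)


def dh_keypair():
    priv = secrets.randbelow(DH_PRIME - 2) + 1
    return priv, pow(DH_BASE, priv, DH_PRIME)


def dh_shared(priv, their_pub):
    # Both sides compute the same value, g^(a*b) mod p, from their own private key.
    return pow(their_pub, priv, DH_PRIME).to_bytes(16, "big")


def derive_direction(shared, sender, receiver):
    """(key, iv) for traffic flowing sender -> receiver.

    Hashing the participant indices in along with the shared secret is what makes
    the two directions differ; the personalisation labels are this example's choice."""
    ctx = shared + struct.pack(">HH", sender, receiver)
    key = hashlib.blake2b(ctx, digest_size=32, person=b"dkg-share-key").digest()
    iv = hashlib.blake2b(ctx, digest_size=12, person=b"dkg-share-iv").digest()
    return key, iv


class Participant:
    def __init__(self, index):
        self.index = index
        # pub is the "encryption key" a participant broadcasts alongside its DKG messages.
        self.priv, self.pub = dh_keypair()

    def send_pair(self, other):
        return derive_direction(dh_shared(self.priv, other.pub), self.index, other.index)

    def recv_pair(self, other):
        return derive_direction(dh_shared(self.priv, other.pub), other.index, self.index)

    def encrypt_share(self, other, share):
        # Exactly one message per (key, iv) pair: reusing a stream-cipher keystream
        # reveals the XOR of the two plaintexts, so each counterparty gets its own pair.
        key, iv = self.send_pair(other)
        return chacha20_xor(key, iv, share)

    def decrypt_share(self, other, ciphertext):
        key, iv = self.recv_pair(other)
        return chacha20_xor(key, iv, ciphertext)


if __name__ == "__main__":
    alice, bob = Participant(1), Participant(2)
    share = b"f_alice(2) = constructed secret share bytes"
    ct = alice.encrypt_share(bob, share)
    print("round-trip ok:", bob.decrypt_share(alice, ct) == share)
    print("alice.send == bob.recv:", alice.send_pair(bob) == bob.recv_pair(alice))
```

The property worth checking is the one the paragraph relies on: Alice's sending pair for Bob equals Bob's receiving pair for Alice, while Alice's own sending and receiving pairs differ, so a share encrypted in one direction cannot be confused with one flowing the other way.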