25519-dalek 中的主要新增内容?
Key additions in 25519-dalek?
我有密钥添加,对于曲线 secp256k1,工作:https://crypto.stackexchange.com/a/83733/17505
use rand::Rng;
use secp256k1::{Secp256k1, SecretKey, PublicKey};
fn main() {
let secp = Secp256k1::new();
let seed_a = rand::thread_rng().gen::<[u8; 32]>();
let mut skey_a = SecretKey::from_slice(&seed_a).expect("32 bytes, within curve order");
let pkey_a = PublicKey::from_secret_key(&secp, &skey_a);
println!("skey_a {:?}", skey_a);
println!("pkey_a {:?}", pkey_a);
let seed_b = rand::thread_rng().gen::<[u8; 32]>();
let skey_b = SecretKey::from_slice(&seed_b).expect("32 bytes, within curve order");
let pkey_b = PublicKey::from_secret_key(&secp, &skey_b);
println!("skey_b {:?}", skey_b);
println!("pkey_b {:?}", pkey_b);
skey_a.add_assign(&seed_b).unwrap(); // there is no plain add, nor an obvious way to get the bytes out of an skey
let skey_sum = skey_a;
let pkey_sum_from_skeys = PublicKey::from_secret_key(&secp, &skey_sum);
println!("skey_sum {:?}", skey_sum);
println!("pkey_sum_from_skeys {:?}", pkey_sum_from_skeys);
// calculate the sum of public keys without needing access to secret keys
let pkey_sum_from_pkeys = pkey_a.combine(&pkey_b).unwrap();
println!("pkey_sum_from_pkeys {:?}", pkey_sum_from_pkeys);
}
输出:
skey_a SecretKey(ce9b44fedaa9aa82ee394a488df5ac55bdd3bd62c8cae45bebc1c91174fac2c2)
pkey_a PublicKey(c2d220e65b1a612405f7b18aa503132b2f29b9ac993bdcfc65ac3dfec4192856ad5da30b482ccb42c63c809703bb3cfac3644a586c8635f3178462d53e351fdf)
skey_b SecretKey(a8bfd58be7c9e14c27f0e60a00c1320e79698c8747cfa0cca0a2180267efc9ca)
pkey_b PublicKey(de8df52ed48d2c3320c03344a3fe859d61015e5f8d45b0df9aaa8d056c784e7e55a61a53630ee016e0bc8ac21d6ae4cd92e0ef91e74281d9410167b982764a8e)
skey_sum SecretKey(775b1a8ac2738bcf162a30528eb6de657c8e6d036151e4eccc9182870cb44b4b)
pkey_sum_from_skeys PublicKey(f91cf9ee526dab8a955709385c6ae5a7f757cf82278af1d670ab6b33f2f28d8716cbddf253047fa9ff6b152a6a1986213482d9ff6fdfc3883e481d7133d0045e)
pkey_sum_from_pkeys PublicKey(f91cf9ee526dab8a955709385c6ae5a7f757cf82278af1d670ab6b33f2f28d8716cbddf253047fa9ff6b152a6a1986213482d9ff6fdfc3883e481d7133d0045e)
ed25519-dalek 有类似的东西吗? https://docs.rs/ed25519-dalek/1.0.0/ed25519_dalek/
我觉得ed25519里面没有对应的key添加规则
我们可以通过查看 public 密钥是如何从
私钥。
对于基于 DSA 的 secp256k1,我们有一个私钥 x,我们有
public 键 x 由
给出
y = g^x mod p
从中可以看出
y' = ya . yb mod p
= (g^xa mod p) (g^xb mod p) mod p
= g^xa g^xb mod p
= g^(xa + xb) mod p
但是,EdDSA 私钥的推导是
y = hash_(x) * B
其中 hash_(x) 是 x 的 SHA-512 散列的最低 256 位。
问题是 hash_(x), hash_(y) 和 hash_(x+y).
之间没有关系
我有密钥添加,对于曲线 secp256k1,工作:https://crypto.stackexchange.com/a/83733/17505
use rand::Rng;
use secp256k1::{Secp256k1, SecretKey, PublicKey};
fn main() {
let secp = Secp256k1::new();
let seed_a = rand::thread_rng().gen::<[u8; 32]>();
let mut skey_a = SecretKey::from_slice(&seed_a).expect("32 bytes, within curve order");
let pkey_a = PublicKey::from_secret_key(&secp, &skey_a);
println!("skey_a {:?}", skey_a);
println!("pkey_a {:?}", pkey_a);
let seed_b = rand::thread_rng().gen::<[u8; 32]>();
let skey_b = SecretKey::from_slice(&seed_b).expect("32 bytes, within curve order");
let pkey_b = PublicKey::from_secret_key(&secp, &skey_b);
println!("skey_b {:?}", skey_b);
println!("pkey_b {:?}", pkey_b);
skey_a.add_assign(&seed_b).unwrap(); // there is no plain add, nor an obvious way to get the bytes out of an skey
let skey_sum = skey_a;
let pkey_sum_from_skeys = PublicKey::from_secret_key(&secp, &skey_sum);
println!("skey_sum {:?}", skey_sum);
println!("pkey_sum_from_skeys {:?}", pkey_sum_from_skeys);
// calculate the sum of public keys without needing access to secret keys
let pkey_sum_from_pkeys = pkey_a.combine(&pkey_b).unwrap();
println!("pkey_sum_from_pkeys {:?}", pkey_sum_from_pkeys);
}
输出:
skey_a SecretKey(ce9b44fedaa9aa82ee394a488df5ac55bdd3bd62c8cae45bebc1c91174fac2c2)
pkey_a PublicKey(c2d220e65b1a612405f7b18aa503132b2f29b9ac993bdcfc65ac3dfec4192856ad5da30b482ccb42c63c809703bb3cfac3644a586c8635f3178462d53e351fdf)
skey_b SecretKey(a8bfd58be7c9e14c27f0e60a00c1320e79698c8747cfa0cca0a2180267efc9ca)
pkey_b PublicKey(de8df52ed48d2c3320c03344a3fe859d61015e5f8d45b0df9aaa8d056c784e7e55a61a53630ee016e0bc8ac21d6ae4cd92e0ef91e74281d9410167b982764a8e)
skey_sum SecretKey(775b1a8ac2738bcf162a30528eb6de657c8e6d036151e4eccc9182870cb44b4b)
pkey_sum_from_skeys PublicKey(f91cf9ee526dab8a955709385c6ae5a7f757cf82278af1d670ab6b33f2f28d8716cbddf253047fa9ff6b152a6a1986213482d9ff6fdfc3883e481d7133d0045e)
pkey_sum_from_pkeys PublicKey(f91cf9ee526dab8a955709385c6ae5a7f757cf82278af1d670ab6b33f2f28d8716cbddf253047fa9ff6b152a6a1986213482d9ff6fdfc3883e481d7133d0045e)
ed25519-dalek 有类似的东西吗? https://docs.rs/ed25519-dalek/1.0.0/ed25519_dalek/
我觉得ed25519里面没有对应的key添加规则
我们可以通过查看 public 密钥是如何从 私钥。
对于基于 DSA 的 secp256k1,我们有一个私钥 x,我们有 public 键 x 由
给出y = g^x mod p
从中可以看出
y' = ya . yb mod p
= (g^xa mod p) (g^xb mod p) mod p
= g^xa g^xb mod p
= g^(xa + xb) mod p
但是,EdDSA 私钥的推导是
y = hash_(x) * B
其中 hash_(x) 是 x 的 SHA-512 散列的最低 256 位。
问题是 hash_(x), hash_(y) 和 hash_(x+y).