// GetSharedSecret returns the shared secret, as in the Verdict hash-based construction, for the given public and
// private keys
func GetSharedSecret(pk *PubKey, sk *PriKey) (abstract.Secret, abstract.Point) {
var suite abstract.Suite
suite = crypto.Suite
point := suite.Point().Mul(pk.Elem, sk.secret)
r := crypto.HashKDF(point)
R := suite.Point().Mul(crypto.Generator, r)
return r, R
}
// Init calculates, given the notary public keys and shuffled slot keys in the session data,
// the shared secrets with the users.
func (n *Notary) Init(data *Data) {
count := len(data.Users)
var suite = crypto.Suite
n.secretSum = suite.Secret().Zero()
n.commitmentsSum = suite.Point().Null()
n.sharedSecrets = make([]abstract.Secret, count)
for i := 0; i < count; i++ {
diffiehellman := suite.Point().Mul(data.Users[i].Elem, n.sk.secret) // (g^{a_i})^{b_j}
n.sharedSecrets[i] = crypto.HashKDF(diffiehellman) // r_{ij} = KDF( (g^{a_i})^{b_j} )
commitment := suite.Point().Mul(crypto.Generator, n.sharedSecrets[i]) // R_{ij} = g-hat^{r_{ij}}
n.secretSum.Add(n.secretSum, n.sharedSecrets[i])
n.commitmentsSum.Add(n.commitmentsSum, commitment)
}
}
// Init calculates, given the user public keys and shuffled slot keys in the session data,
// the shared secrets with the notaries, as well as our shuffled slot index.
func (u *User) Init(data *Data) {
count := len(data.Notaries)
var suite = crypto.Suite
u.secretSum = suite.Secret().Zero()
u.commitmentsSum = suite.Point().Null()
u.sharedSecrets = make([]abstract.Secret, count)
for j := 0; j < count; j++ {
diffiehellman := suite.Point().Mul(data.Notaries[j].Elem, u.sk.secret) // (g^{b_j})^{a_i}
u.sharedSecrets[j] = crypto.HashKDF(diffiehellman) // r_{ij} = KDF( (g^{b_j})^{a_i} )
commitment := suite.Point().Mul(crypto.Generator, u.sharedSecrets[j]) // R_{ij} = g-hat^{r_{ij}}
u.secretSum.Add(u.secretSum, u.sharedSecrets[j])
u.commitmentsSum.Add(u.commitmentsSum, commitment)
}
for i := range data.SlotKeys {
if data.SlotKeys[i].Equal(u.slotPubKey) {
u.slotIndex = i
return // No need to continue the loop
}
}
}