@software-security-lab/schnorr
v1.0.6
Published
Simple and basic non-interactive version of original Schnorr protocol.
Downloads
17
Maintainers
Readme
Schnorr NIZKP
The non-interactive version of original Schnorr zero-knowledge proof.
This project is purposed to be used with public key cryptosystem based on "Discrete Logarithm" such as ElGamal.
Reminder: By having
r
as your secret,g
as generator andx
as gr = x and by assuming that verfiers knows bothx
andg
, you want to prove that you know value of x without revealing it.
The Fiat-Shamir heuristic is applied to Schnorr protocol to make it non-interactive.
NIZKP stands for 'Non-Interactive Zero Knowledge Proof'
You should first initialize the module with a Cyclic Group then it's ready.
This module works over Multiplicative Group of integers as underlying Cyclic Group.
NOTE: This Module is developed for educational goals, although we developed it securely but the risk of using it in production environment is on you!
Installation
Either you are using Node.js or a browser, you can use it locally by downloading it from npm:
npm install @software-security-lab/schnorr
Usage
To include this module in your code simply:
const Schnorr = require('@software-security-lab/schnorr');
If you are using it in a browser, you may need to use a tool such as browserify to compile your code.
After including the module into your code, you can create your instance using new
operator as described in Methods section.
Methods
While introducing the methods, we use specific phrases which are listed below:
- Throws Error: Indicates the methods throw an error, the type or reason of possible errors is explained in the method's explanation.
- Async: Indicates this method is an asynchronous method which means you should wait for it to complete its execution.
Schnorr(p)
p
:ElGamal
- Returns: NIZKP Schnorr module
- Throws Error:
If you are using our ElGamal module, you can directly pass your instance and then use it to proof your secret of knowledge.
p
parameter is your instance of ElGamal
module:
const elgamal = new ElGamal();
await elgamal.initializeRemotely(2048);
elgamal.checkSecurity();
let schnorr = new Schnorr(elgamal);
Throws an error if p
is of wrong type.
Schnorr(p, g)
p
:String
|big-integer
g
:String
|big-integer
- Returns: NIZKP Schnorr proof.
- Throws Error:
If you're not using ElGamal module and even not ElGamal Encryption, you can initialize the Schnorr this way.
p
parameter is the modulus of underlying Cyclic Group.g
parameter is the generator of underlying Cyclic Group.
Throws an error if one of p
or g
is not provided or is of wrong type.
Keep in mind the Schnorr works over Cyclic Group which can be determined by its generator and its order. Since we are using Multiplicative Groups as Cyclic Groups, modulus
p
specifies the group order implicitly.
Prove(r, [x])
r
:String
|big-integer
x
:String
|big-integer
- Returns: Schnorr Proof
- Async
- Throws Error
Use this method to Proves your knowledge about secret r
.
r
parameter is your secret!x
parameter is the info which you wants to prove your knowledge about it. In simple words, x
is result of following modular exponentiation:g
r
mod p = x
As you can see, x
is optional. If you leave it undefined
then we computes it internally.
Throws an error if r
is not provided or is of wrong type.
NOTE: For security sakes, we get rid of r
as soon as we computes the Schnorr proof. So make sure you keep it safe yourself.
verify(x, proof)
x
:String
|big-integer
proof
: Schnorr Proof- Returns: boolean
Verifies the knowledge of prover about secret of x
considering the given proof
proof
is resulted from calling Prove()
.x
is the information which you wants to make sure the prover knows its knowledge.
Returns true
if the knowledge of prover about secret of x
is verifed and returns false
otherwise.
Example
A simple example is provided at ./tests/main.js
file which is available at GitHub page too.
Contributing
Since this module is developed at Software Security Lab, you can pull requests but merging it depends on Software Security Lab decision.
Also you can open issues first then we can discuss about it.
Support
If you need help you can either open an issue in GitHub page or contact the developers by mailing to [email protected]
License
This work is published under ISC license.