by Kurt Pan

Vitalik recently wrote a great post on the trade-offs of replacing the KZG commitment with an arithmetic hash-based one in EIP-4844. The article is very instructive and forward-looking, but unless you are tech-savvy and keep an eye on state-of-the-art progress, there are a lot of prerequisites to meet before you can understand it. In this short article I will present some of the prerequisites and learning materials for understanding Vitalik's post. The purpose is not to be mathematically or cryptographically rigorous or complete; it is mainly to serve as a preview of the landscape. I hope this article will make the learning process a little bit easier for you.

Mathematics

Mathematics (for most people) is hard, especially the kind involved in frontier blockchain technologies, which to many seems like moon math. But at the same time, math is necessary for clarifying concepts, for formal description and analysis, for security proofs, and for many other necessary steps of research.
Nov 9, 2022

Author: Kurt Pan
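Nov 4, 2022

:::info
Original: https://geometry.xyz/notebook/Hashing-to-the-secp256k1-Elliptic-Curve
Author: weijie.eth
Translator: Kurt Pan
:::

Introduction

Many cryptographic protocols, such as aggregatable distributed key generation and the BLS signature scheme, need a hash-to-curve algorithm that deterministically converts an arbitrary byte string into a point on an elliptic curve. Such algorithms are non-trivial, because they must not only produce valid curve points but also do so securely and efficiently.

In this post, I will summarize the state of the art of hash-to-curve functions, focusing on their application to the secp256k1 elliptic curve, as well as some of the security considerations and performance optimizations behind hash-to-curve algorithms in general.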
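Oct 27, 2022

The Strong Diffie-Hellman (SDH) problem is defined as follows: given a tuple of length $(q+2)$, $\left(g_1, g_2, g_2^\gamma, g_2^{\left(\gamma^2\right)}, \ldots, g_2^{\left(\gamma^q\right)}\right)$, as input, output $\left(g_1^{1 /(\gamma+x)}, x\right)$, where $x \in \mathbb{Z}_p^*$.

The SDH assumption is that no polynomial-time algorithm can solve the SDH problem with non-negligible probability.

The Schnorr protocol is a ZKPoK that proves "knowledge of a discrete logarithm". The following ZKPoK protocol extends the Schnorr protocol and can prove, in zero knowledge, "knowledge of a solution to the SDH problem". (As for why I am introducing this protocol, you will find out in due course. :wink:)

Secret value: $\gamma$

Public values: $g_1, u, v, h \in G_1$, $g_2, w \in G_2$, where $w=g_2^\gamma$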
Oct 10, 2022