refresh

package

v1.0.7 Latest Latest Go to latest Published: Apr 15, 2026 License: Apache-2.0 Imports: 8 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/keyzon-technologies/kryptology

Links

Open Source Insights

Documentation ¶

Overview ¶

Package refresh implements the key-share refresh protocol for DKLS19.

The refresh protocol lets Alice and Bob rotate their additive key shares and re-seed the correlated OT material without changing the joint public key.

Protocol outline (additive refresh, Silent OT variant):

Alice samples k_A ← F_q, writes it to the transcript, and sends it to Bob.
Bob appends k_A, samples k_B, derives the common addend k, updates sk_B ← sk_B + k. Generates new silent-OT DH key + Schnorr proof. Sends k_B + OTProof.
Alice appends k_B, derives k, updates sk_A ← sk_A − k, verifies OTProof, and stores her new ReceiverOutput. No further rounds.

Invariant: sk_A' + sk_B' = (sk_A − k) + (sk_B + k) = sk_A + sk_B = x, so the joint public key Q = (sk_A + sk_B)·G is unchanged.

Index ¶

type Alice
- func NewAlice(curve *curves.Curve, dkgOutput *dkg.AliceOutput) *Alice
type Bob
- func NewBob(curve *curves.Curve, dkgOutput *dkg.BobOutput) *Bob
- func (bob *Bob) Output() *dkg.BobOutput
- func (bob *Bob) Round2BobAddendAndOT(kA curves.Scalar) (*RefreshRound2Output, error)
type RefreshRound2Output

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Alice ¶

type Alice struct {
	// contains filtered or unexported fields
}

Alice holds Alice's mutable state during one refresh execution.

func NewAlice ¶

func NewAlice(curve *curves.Curve, dkgOutput *dkg.AliceOutput) *Alice

NewAlice creates an Alice refresh instance from existing DKG output. Returns nil if curve or dkgOutput is nil.

func (*Alice) Output ¶

func (alice *Alice) Output() *dkg.AliceOutput

Output returns Alice's refreshed DKG output. Returns nil if the refresh protocol has not yet finished.

func (*Alice) Round1AliceAddend ¶ added in v1.0.1

func (alice *Alice) Round1AliceAddend() (curves.Scalar, error)

Round1AliceAddend is Alice's opening move. She samples k_A ← F_q, appends it to the transcript, and sends it to Bob.

func (*Alice) Round3AliceUpdateAndOT ¶

func (alice *Alice) Round3AliceUpdateAndOT(r2 *RefreshRound2Output) error

Round3AliceUpdateAndOT is Alice's final step. She appends k_B, derives k, updates her key share as sk_A ← sk_A − k, verifies Bob's Silent OT Schnorr proof, and stores her new ReceiverOutput.

type Bob ¶

type Bob struct {
	// contains filtered or unexported fields
}

Bob holds Bob's mutable state during one refresh execution.

func NewBob ¶

func NewBob(curve *curves.Curve, dkgOutput *dkg.BobOutput) *Bob

NewBob creates a Bob refresh instance from existing DKG output. Returns nil if curve or dkgOutput is nil.

func (*Bob) Output ¶

func (bob *Bob) Output() *dkg.BobOutput

Output returns Bob's refreshed DKG output. Returns nil if the refresh protocol has not yet finished.

func (*Bob) Round2BobAddendAndOT ¶ added in v1.0.1

func (bob *Bob) Round2BobAddendAndOT(kA curves.Scalar) (*RefreshRound2Output, error)

Round2BobAddendAndOT is Bob's response. Bob appends k_A, samples k_B, derives the common addend k, updates his key share as sk_B ← sk_B + k, and generates the new silent-OT DH key pair.

type RefreshRound2Output ¶

type RefreshRound2Output struct {
	// OTProof is the Schnorr proof of Bob's silent-OT DH secret b.
	OTProof *schnorr.Proof

	// BobAddend is k_B, Bob's random contribution to the refresh transcript.
	BobAddend curves.Scalar
}

RefreshRound2Output is Bob's message to Alice in the refresh protocol.

Source Files ¶

View all Source files

refresh.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL