Hei Habr!
Π Muchinyorwa chino, takakurukura kuti sei zvingave zvakakosha kugadzira nhamba dzisina kurongeka dzevatori vechikamu vasingavimbani, ndezvipi zvinodiwa zvinoiswa pamberi peakadaro manhamba jenareta, uye takafunga nzira mbiri dzekuita kwavo.
Muchikamu chino chechinyorwa, tichatarisisa imwe nzira inoshandisa masiginecha echikumbaridzo.
A bit of cryptography
Kuti unzwisise kuti chikumbaridzo siginecha chinoshanda sei, iwe unofanirwa kunzwisisa diki diki cryptography. Tichashandisa pfungwa mbiri: scalar, kana nhamba chete, iyo yatichazoratidza nemavara madiki (x, y) uye inonongedza pa elliptic curve, yaticharatidza nemabhii makuru.
Kuti unzwisise izvo zvekutanga zvemasiginecha echikumbaridzo, haufanire kunzwisisa kuti elliptic curves inoshanda sei, kunze kwezvinhu zvishoma zvakakosha:
-
Mapoinzi pane elliptic curve anogona kuwedzerwa uye kuwanzwa ne scalar (isu ticharatidza kuwanda ne scalar se. xG, kunyangwe iyo notation Gx zvakare inowanzoshandiswa mumabhuku). Mhedzisiro yekuwedzera uye kuwanda ne scalar ipoindi pane elliptic curve.
-
Kuziva pfungwa chete G uye chigadzirwa chayo chine scalar xG haigone kuverengwa x.
Tichashandisawo pfungwa yepolynomial p(x) dhigirii k-1. Kunyanya, isu tichashandisa inotevera pfuma yemapolynomials: kana isu tichiziva kukosha p(x) chero k siyana x (uye isu hatina rumwe ruzivo nezve p(x)), tinogona kuverenga p(x) kune mumwe munhu x.
Zvinonakidza kuti kune chero polynomial p(x) uye imwe pfungwa pa curve Gvachiziva zvazvinoreva p(x)G chero k zvinoreva zvakasiyana x, tinogonawo kuverenga p(x)G chero x.
Iri iruzivo rwakakwana kuchera mukati meruzivo rwekuti masaini masiginecha anoshanda sei uye mashandisiro aanoita kugadzira manhamba asina kurongeka.
Random nhamba jenareta pamasiginecha echikumbaridzo
Ngatitaurei izvozvo n vatori vechikamu vanoda kugadzira nhamba isina kurongeka, uye tinoda kuti chero munhu atore chikamu k pakanga paine zvakakwana kwavari kugadzira nhamba, asi kuitira kuti vanorwisa vanotonga k-1 kana vashoma vatori vechikamu havana kukwanisa kufanotaura kana kufurira nhamba yakagadzirwa.
Ngatitii pane polynomial yakadaro p(x) dhigirii k-1 izvo mutori wechikamu wekutanga anoziva p (1), wechipiri anoziva p(2), zvichingoenda zvakadaro (n- anoziva p(n)) Isu tinofungidzira zvakare kuti kune imwe nguva yakatarwa G munhu wose anoziva p(x)G kune zvese zvakakosha x. Tichafona p(i) "Private chikamu" ith mutori wechikamu (nekuti chete imutori wechikamu anomuziva), uye p(i)G "Public chikamu" i-th mutori wechikamu (nokuti vatori vechikamu vese vanomuziva). Sezvaunorangarira, ruzivo p(i)G hazvina kukwana kudzorera p(i).
Kugadzira polynomial yakadaro kuti chete i-Mutori wekutanga uye hapana mumwe munhu aiziva chikamu chake chega - ichi ndicho chikamu chakaoma uye chinonakidza cheprotocol, uye isu tichaiongorora pasi apa. Parizvino, ngatifungei kuti isu tine polynomial yakadaro uye vese vatori vechikamu vanoziva yavo yakavanzika zvikamu.
Tingashandisa sei polynomial yakadaro kugadzira nhamba isina kurongeka? Kutanga, tinoda imwe tambo isati yamboshandiswa sekuisa kune jenareta. Munyaya ye blockchain, iyo hashi yekupedzisira block h mukwikwidzi akanaka wemutsara wakadaro. Rega vatori vechikamu vade kugadzira nhamba isina kurongeka vachishandisa h semhodzi. Vatori vechikamu vanotanga vatendeuka h kusvika pane imwe curve uchishandisa chero basa rakafanotsanangurwa:
H = scalarToPoint(h)
Zvadaro mumwe nomumwe mubatanidzwa i anoverenga uye anoshambadza Hi = p(i)H, vangaitei nekuti vanoziva p (i) uye H. Kuzivisa Hini handitenderi vamwe vatori vechikamu kudzoreredza chikamu chakavanzika ith mutori wechikamu, uye saka imwe seti yezvakavanzika zvikamu zvinogona kushandiswa kubva kubhuroka kuenda kubhuroka. Nekudaro, iyo inodhura polynomial chizvarwa algorithm inotsanangurwa pazasi inongoda kuurayiwa kamwe chete.
When k vatori vechikamu vakaongororwa Hi = p(i)H, munhu wese anogona kuverenga Hx = p(x)H kune vese x nekuda kwemidziyo yemapolynomials yatakakurukura muchikamu chekupedzisira. Panguva ino, vese vatori vechikamu vanoverenga H0 = p(0)H, uye iyi ndiyo mhedzisiro nhamba isina kurongeka. Ndapota cherechedza kuti hapana anoziva p(0), uye saka ndiyo chete nzira yekuverenga p(0)H - uku kududzira p(x)H, izvo zvinogoneka chete kana k values p(i)H anozivikanwa. Kuvhura chero huwandu hudiki p(i)H haipe chero ruzivo nezve p(0)H.
Jenareta iri pamusoro ine zvese zvatinoda: vanorwisa vanodzora chete k-1 vatori vechikamu kana vashoma havana ruzivo kana pesvedzero pamhedziso, nepo chero k vatori vechikamu vanogona kuverenga nhamba inobuda, uye chero chikamu che k vatori vechikamu vachagara vachiuya kune imwechete mhedzisiro yembeu imwechete.
Pane dambudziko rimwe chete ratakanyatsodzivirira pamusoro. Kuti kududzira kushande, zvakakosha kuti kukosha Hi iyo yakabudiswa nemusanganisi wega wega i zvakanga zvakafanana p(i)H. Sezvo pasina mumwe kunze i-th mubatanidzwa haazive p (i), hapana kunze i-mutori wechikamu haakwanise kuonesa izvozvo Hi chaizvoizvo akaverengwa nemazvo, uye pasina chero cryptographic uchapupu hwechokwadi Hini anorwisa ndinogona kuburitsa chero kukosha se Mhoro, uye kupesvedzera zvisina tsarukano kubuda kwejenareta yenhamba isina kurongeka:
Hunhu hwakasiyana hweH_1 hwakatumirwa nekutanga kutora chikamu hunotungamira kune akasiyana mhedzisiro H_0
Pane nzira dzinenge mbiri dzekuratidza chokwadi Hini, tichazvifunga mushure mekuongorora chizvarwa chepolynomial.
Polynomial generation
Muchikamu chekupedzisira takafungidzira kuti tine polynomial yakadaro p(x) dhigirii k-1 kuti mubati i anoziva p(i), uye hapana mumwe munhu ane ruzivo nezve kukosha uku. Muchikamu chinotevera tichadawo izvozvo kune imwe pfungwa yakafanotemerwa G munhu wese aiziva p(x)G kune vese x.
Muchikamu chino tichafunga kuti mumwe nemumwe anotora chikamu munharaunda ane kiyi yakavanzika xi, zvekuti munhu wese anoziva kiyi yeruzhinji inoenderana Xi.
Imwe inogoneka polynomial chizvarwa protocol ndeiyi inotevera:
-
Mumwe nemumwe anotora chikamu i munharaunda inogadzira arbitrary polynomial pi(x) dhigirii k-1. Vanobva vatumira mumwe nemumwe anenge atora chikamu j kukosha pi(j), yakavharidzirwa nekiyi yeruzhinji Xj. Ndizvo chete i-th ΠΈ j-th mubati anoziva pini(j). Mutori wechikamu i uyewo anozivisa pachena pi(j)G kune vese j ΠΎΡ 1 up to k kusanganisira.
-
Vese vatori vechikamu vanoshandisa kumwe kubvumirana kusarudza k vatori vechikamu vane mapolynomials achashandiswa. Sezvo vamwe vatori vechikamu vangave vasiri pamhepo, hatigone kumirira kusvika munhu wese n vatori vechikamu vachaburitsa polynomials. Mhedzisiro yenhanho iyi ndeye seti Z inosanganisira kanenge k polynomials yakagadzirwa mudanho (1).
-
Vatori vechikamu vanova nechokwadi chekuti hunhu hwavanoziva pi(j) zvinoenderana nezvakaziviswa pachena pi(j)G. Mushure mekupinda uku Z mapolynomials chete ayo anotapurirwa pachivande pi(j) zvinoenderana nezvakaziviswa pachena pi(j)G.
-
Mumwe nemumwe anotora chikamu j inoverengera chikamu chayo chakavanzika p(j) semari pi (j) kune vese i Π² Z. Mumwe nemumwe anotora chikamu anoverengawo kukosha kwese p(x)G semari pi(x)G kune vese i Π² Z.
ziva kuti p(x) - ichokwadi polynomial k-1, nokuti ndiyo nhamba yemunhu pi(x), imwe neimwe iri polynomial yedhigirii k-1. Zvadaro, cherechedza kuti apo mumwe nomumwe mubatanidzwa j anoziva p(j), havana ruzivo nezvazvo p(x) nokuti x β j. Chokwadi, kuverenga kukosha uku, ivo vanofanirwa kuziva zvese pi(x), uye chero bedzi mutori wechikamu j haazive kana imwe yemapolynomials akasarudzwa, ivo havana ruzivo rwakakwana nezve p(x).
Iyi ndiyo yese polynomial generation process yaidiwa muchikamu chekupedzisira. Matanho 1, 2 uye 4 pamusoro ane kuita kuri pachena. Asi danho rechitatu harisi diki.
Kunyanya, isu tinofanirwa kukwanisa kuratidza kuti encrypted pi(j) inonyatsoenderana neakabudiswa pi(j)G. Kana isu tisingakwanise kuzviratidza, anorwisa i anogona kutumira marara pachinzvimbo pi (j) kune anotora chikamu j, uye mutori wechikamu j haizokwanisi kuwana kukosha chaiko pi(j), uye haizokwanisi kuverenga chikamu chayo chakavanzika.
Iko kune cryptographic protocol inobvumidza iwe kugadzira imwe meseji umbooi(j), zvekuti chero mutori wechikamu, ane kukosha e, Π° ΡΠ°ΠΊΠΆΠ΅ uchapupu(j) ΠΈ pi(j)G, inokwanisa kuona izvi munharaunda e - ndizvo chaizvo pi(j), encrypted nekiyi yemutori wechikamu j. Nehurombo, ukuru hwehumbowo hwakadaro hwakakura zvisingaite, uye zvakapihwa kuti zvakafanira kuburitswa O(nk) Humbowo hwakadaro hahugone kushandiswa pachinangwa ichi.
Pane kuratidza izvozvo pi(j) ΡΠΎΠΎΡΠ²Π΅ΡΡΡΠ²ck pi (j) G tinogona kugovera nguva yakareba kwazvo mu polynomial generation protocol, panguva iyo vatori vechikamu vose vanotarisa yakagamuchirwa yakavharidzirwa. pi(j), uye kana meseji yakadzikwa isingaenderane neruzhinji pi(j) G, vanoburitsa chiratidzo chekriptographic chekuti meseji yakavharidzirwa yavakagamuchira haina kururama. Ratidza kuti shoko racho kwete ΡΠΎΠΎΡΠ²Π΅ΡΡΡΠ²ck pi(G) zviri nyore pane kuratidza kuti zvinoenderana. Zvinofanira kucherechedzwa kuti izvi zvinoda kuti mumwe nemumwe anotora chikamu aoneke online kamwechete panguva yakagoverwa kugadzira humbowo hwakadaro, uye anovimba nefungidziro yekuti kana vakaburitsa humbowo hwakadaro, huchasvika kune vamwe vatori vechikamu panguva imwe chete yakagoverwa.
Kana mutori wechikamu asina kuoneka pamhepo panguva ino yenguva, uye aine chimwe chinhu chisina kunaka, saka uyo anenge atora chikamu haakwanise kutora chikamu mukuwedzera nhamba yekugadzira. Iyo protocol ichaita, zvisinei, ichiri kushanda kana iripo k vatori vechikamu vakangogamuchira zvikamu zvakaringana kana kuti vakakwanisa kusiya humbowo hwekusarongeka mukati menguva yakatarwa.
Humbowo hwechokwadi hweH_i
Chikamu chekupedzisira chasara kukurukurwa ndechekuti ungaratidza sei chokwadi chekuburitswa Hi, kureva kuti Hi = p(i)H, pasina kuvhura p(i).
Ngatirangarirei kuti hunhu H, G, p(i)G zveruzhinji uye zvinozivikanwa nemunhu wese. Gamuchira kushanda p(i) kuziva p(i)G ΠΈ G inonzi discrete logarithm, kana dlog, uye tinoda kuratidza kuti:
dlog(p(i)G,G) =dlog(Hi, H)
pasina kuburitsa pachena p(i). Zvivakwa zvehumbowo hwakadaro zviripo, semuenzaniso.
Nekugadzirwa uku, mumwe nomumwe mubatanidzwa, pamwe chete Hi inotumira humbowo hwekururama zvinoenderana nemagadzirirwo.
Kana imwe nhamba yangogadzirwa, inowanzoda kushandiswa nevatori vechikamu kunze kweavo vakaigadzira. Vatori vechikamu vakadaro, pamwe chete nenhamba, vanofanira kutumira vose Hi noufakazi hunowirirana.
Muverengi anobvunza anogona kubvunza: sezvo nhamba yekupedzisira isingaite iri H0 uye p(0)G - Iri inhau yeruzhinji, nei tichida humbowo kumunhu wega wega Hini, wadii kutumira humbowo kuti pane kudaro
dlog (p(0)G, G) = dlog(H0, H)
Dambudziko nderekuti humbowo hwakadaro hahugone kugadzirwa uchishandisa Schnorr Protocol nekuti hapana anoziva kukosha p (0), zvakakosha kuti ugadzire humbowo, uye chiizve, iyo yose isina kurongeka nhamba jenareta yakavakirwa pakuti hapana anoziva kukosha uku. Naizvozvo zvinodikanwa kuve nehunhu hwese Hi uye humbowo hwavo hwega hwega kuratidza chokwadi H0.
Nekudaro, kana paine kumwe kuvhiya pamapoinzi pama elliptic curves ayo akafanana semantically nekuwanza, humbowo hwehuchokwadi. H0 zvingava zvidiki, taingoita chokwadi chekuti
H0 Γ G = p(0)G Γ H
Kana iyo yakasarudzwa curve inotsigira , uchapupu uhwu hunoshanda. Panyaya iyi H0 haisi kungobuda kwejenareta yenhamba isina kurongeka, inogona kusimbiswa nechero mutori wechikamu anoziva. G, H ΠΈ p(0)G. H0 zvakare siginicha pameseji yakashandiswa sembeu, ichisimbisa izvozvo k ΠΈ n vatori vechikamu vakasaina meseji iyi. Saka, kana mbeu - ndiyo hashi ye block mu blockchain protocol, ipapo H0 ese ari maviri-akawanda-siginicha pabhuroko uye yakanaka kwazvo isina kurongeka nhamba.
Mukupedzisa
Ichi chinyorwa chikamu chehunyanzvi hweblog blog . PEDYO ndeye blockchain protocol uye chikuva chekuvandudza dhizaini maapplication achisimbisa kusununguka kwekusimudzira uye nyore kushandisa kwevashandisi vekupedzisira.
Iyo protocol kodhi yakavhurika, kuita kwedu kwakanyorwa muRust, inogona kuwanikwa .
Iwe unogona kuona kuti budiriro yeNEAR inoita sei uye kuyedza muIDE yepamhepo .
Unogona kutevera nhau dzose muchiRussia pa and in , uye muchirungu mumukuru .
Ndinokuwona manje manje!
Source: www.habr.com