Use power-of-two field for secret sharing #9

Open
alxdavids opened this issue Sep 16, 2021 · 1 comment
Comments

@alxdavids (Contributor)

Overview

Currently we use the default prime-order field that is provided in the https://github.com/zkcrypto/ff crate, i.e. the 255-bit that is used by the JubJub curve: https://github.com/brave-experiments/sta-rs/blob/main/sharks/src/share_ff.rs#L11-L15. We need to use such a large field to ensure that there are no collisions during the sharing process in the sta-rs protocol.

For the Shamir-based secret sharing approach we use, we could also use the finite Galois field GF(2^256), which would provide us with a cleaner modulus that allows us to fit 32 bytes of data into a single share. Unfortunately I couldn't previously find instantiations of this field anywhere.

Task

Replace the usage of the current prime-order field with an implementation of GF(2^256).
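As an added example (not code from the sta-rs repository or from the issue author), here is k-of-n Shamir sharing over GF(2^256) in Python; the modulus x^256 + x^10 + x^5 + x^2 + 1 is assumed to be a standard low-weight irreducible polynomial. The point the issue makes is visible in `split`: every 256-bit string is a field element, so a full 32-byte secret such as 0xff...ff is shared without any range check, which a 255-bit prime modulus cannot offer.

```python
import os

# Field GF(2^256): modulus x^256 + x^10 + x^5 + x^2 + 1, assumed irreducible (a standard low-weight choice).
DEGREE, MODULUS = 256, (1 << 256) | (1 << 10) | (1 << 5) | (1 << 2) | 1

def gf_mul(a: int, b: int) -> int:
    """Carry-less shift-and-xor multiply, reducing after every shift."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = a << 1, b >> 1
        if a >> DEGREE:
            a ^= MODULUS
    return r

def gf_inv(a: int) -> int:
    """a^(2^256 - 2) by square-and-multiply (Fermat); 0 has no inverse."""
    assert a != 0, "0 has no inverse in the field"
    result, base, e = 1, a, (1 << DEGREE) - 2
    while e:
        if e & 1:
            result = gf_mul(result, base)
        base, e = gf_mul(base, base), e >> 1
    return result

def split(secret: bytes, k: int, n: int) -> list:
    """k-of-n Shamir split; the 32-byte secret is the constant term, unmodified."""
    assert len(secret) == 32 and 1 <= k <= n < (1 << DEGREE)
    coeffs = [int.from_bytes(secret, "big")]
    coeffs += [int.from_bytes(os.urandom(32), "big") for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):       # the share index x is also the evaluation point
        y = 0
        for c in reversed(coeffs):  # Horner evaluation over GF(2^256)
            y = gf_mul(y, x) ^ c
        shares.append((x, y))
    return shares

def recover(shares: list) -> bytes:
    """Lagrange interpolation at x = 0 from exactly k distinct shares."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = gf_mul(num, xj)       # -xj == xj in characteristic 2
                den = gf_mul(den, xi ^ xj)  # xi - xj == xi ^ xj
        secret ^= gf_mul(yi, gf_mul(num, gf_inv(den)))
    return secret.to_bytes(32, "big")
```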

@alxdavids (Contributor, Author)

After doing an investigation, I wasn't able to find a power-of-two field implementation in Rust that would really work for what we need. Personally, I think this is low-priority because the field itself does not impact security, and the implementations that we have seem efficient enough.
