org.cryptimeleon.craco.sig

Interface SignatureScheme

All Superinterfaces:

org.cryptimeleon.math.serialization.Representable, org.cryptimeleon.math.serialization.annotations.RepresentationRestorer, org.cryptimeleon.math.serialization.StandaloneRepresentable

All Known Subinterfaces:

MultiMessageSignatureScheme, MultiMessageStructurePreservingSignatureScheme, StandardMultiMessageSignatureScheme, StandardSignatureScheme, StructurePreservingSignatureEQScheme

All Known Implementing Classes:

BBSBSignatureScheme, ECDSASignatureScheme, HashThenSign, PS18ROMSignatureScheme, PS18SignatureScheme, PSExtendedSignatureScheme, PSSignatureScheme, SPSAGHO11SignatureScheme, SPSEQSignatureScheme, SPSFSP2SignatureScheme, SPSGroth15SignatureScheme, SPSKPW15SignatureScheme, SPSPOSSignatureScheme, SPSXSIGSignatureScheme

public interface SignatureScheme
extends org.cryptimeleon.math.serialization.StandaloneRepresentable, org.cryptimeleon.math.serialization.annotations.RepresentationRestorer

A SignatureScheme has the ability to sign plaintexts and verify the resulting signature (using SigningKeys and VerificationKeys).

The functional contract is that verify(sign(m, sk), pk) == true for sk, pk that "fit" together (depending on the concrete type of signature scheme).

Sub-Interfaces define how you obtain signing and verification keys.

SignatureScheme instances implement StandaloneRepresentable. So once set up, you can restore the same scheme with the same public parameters using the Representation mechanism (i.e. call the class's constructor with a Representation argument).

We note that we see all signature schemes as single-message schemes. However, some signature schemes may be able to sign MessageBlocks (cf., for example, StandardMultiMessageSignatureScheme).

Method Summary

Modifier and Type	Method and Description
int	getMaxNumberOfBytesForMapToPlaintext() Returns the maximal number of bytes that can be mapped injectively to a PlainText by mapToPlaintext(byte[], SigningKey) and mapToPlaintext(byte[], VerificationKey).
PlainText	mapToPlaintext(byte[] bytes, SigningKey sk) Provides an injective mapping of the given bytes to a PlainText usable with this scheme (which may be a MessageBlock).
PlainText	mapToPlaintext(byte[] bytes, VerificationKey pk) Provides an injective mapping of the given bytes to a PlainText usable with this scheme (which may be a MessageBlock).
default java.lang.Object	restoreFromRepresentation(java.lang.reflect.Type type, org.cryptimeleon.math.serialization.Representation repr)
PlainText	restorePlainText(org.cryptimeleon.math.serialization.Representation repr)
Signature	restoreSignature(org.cryptimeleon.math.serialization.Representation repr)
SigningKey	restoreSigningKey(org.cryptimeleon.math.serialization.Representation repr)
VerificationKey	restoreVerificationKey(org.cryptimeleon.math.serialization.Representation repr)
Signature	sign(PlainText plainText, SigningKey secretKey) Signs the giving plaintext using the given signing key.
default Signature	sign(org.cryptimeleon.math.serialization.Representation plainText, org.cryptimeleon.math.serialization.Representation secretKey)
java.lang.Boolean	verify(PlainText plainText, Signature signature, VerificationKey publicKey) Verifies the given signature for the given plaintext using the given verification key.
default java.lang.Boolean	verify(org.cryptimeleon.math.serialization.Representation plainText, org.cryptimeleon.math.serialization.Representation signature, org.cryptimeleon.math.serialization.Representation publicKey)

Methods inherited from interface org.cryptimeleon.math.serialization.Representable

getRepresentation

Method Detail

sign

Signature sign(PlainText plainText,
               SigningKey secretKey)

Signs the giving plaintext using the given signing key. The signing key should contain all information necessary to sign, therefore public key is not needed.

Parameters:

plainText - the message to sign

secretKey - the secret signing key

Returns:

signature on plainText computed using secretKey

verify

java.lang.Boolean verify(PlainText plainText,
                         Signature signature,
                         VerificationKey publicKey)

Verifies the given signature for the given plaintext using the given verification key.

Parameters:

plainText - the plaintext the signature should validate against

signature - the signature to verify

publicKey - the verification key to verify with

Returns:

true if verification succeeds, false else

restorePlainText

PlainText restorePlainText(org.cryptimeleon.math.serialization.Representation repr)

restoreSignature

Signature restoreSignature(org.cryptimeleon.math.serialization.Representation repr)

restoreSigningKey

SigningKey restoreSigningKey(org.cryptimeleon.math.serialization.Representation repr)

restoreVerificationKey

VerificationKey restoreVerificationKey(org.cryptimeleon.math.serialization.Representation repr)

sign

default Signature sign(org.cryptimeleon.math.serialization.Representation plainText,
                       org.cryptimeleon.math.serialization.Representation secretKey)

verify

default java.lang.Boolean verify(org.cryptimeleon.math.serialization.Representation plainText,
                                 org.cryptimeleon.math.serialization.Representation signature,
                                 org.cryptimeleon.math.serialization.Representation publicKey)

mapToPlaintext

PlainText mapToPlaintext(byte[] bytes,
                         VerificationKey pk)

Provides an injective mapping of the given bytes to a PlainText usable with this scheme (which may be a MessageBlock).

It only guarantees injectivity for arrays of the same length. Applications that would like to use mapToPlaintext with multiple different array lengths may want to devise a padding method and then only call mapToPlaintext with byte arrays of the same (padded) length.

The contract is that VerificationKey pk and SigningKey sk are compatible (in the sense that verify(m,sign(m, sk),pk) == true), then mapToPlaintext(bytes, pk)) equals mapToPlaintext(bytes, sk) for all bytes.

Parameters:

bytes - bytes to be mapped to a PlainText

pk - the verification key for which the resulting PlainText should be valid (note that the plaintext space may differ for different verification keys).

Returns:

the corresponding plaintext

Throws:

java.lang.IllegalArgumentException - if there is no injective PlainText element of these bytes (e.g., the byte array is too long)

mapToPlaintext

PlainText mapToPlaintext(byte[] bytes,
                         SigningKey sk)

Provides an injective mapping of the given bytes to a PlainText usable with this scheme (which may be a MessageBlock).

It only guarantees injectivity for arrays of the same length. Applications that would like to use mapToPlaintext with multiple different array lengths may want to devise a padding method and then only call mapToPlaintext with byte arrays of the same (padded) length.

The contract is that VerificationKey pk and SigningKey sk are compatible (in the sense that verify(m,sign(m, sk),pk) == true), then mapToPlaintext(bytes, pk)) equals mapToPlaintext(bytes, sk) for all bytes.

Parameters:

bytes - bytes to be mapped to a PlainText

sk - the signing key for which the resulting PlainText should be valid (note that the plaintext space may differ for different signing keys).

Returns:

the corresponding plaintext

Throws:

java.lang.IllegalArgumentException - if there is no injective PlainText element of these bytes (e.g., the byte array is too long)

getMaxNumberOfBytesForMapToPlaintext

int getMaxNumberOfBytesForMapToPlaintext()

Returns the maximal number of bytes that can be mapped injectively to a PlainText by mapToPlaintext(byte[], SigningKey) and mapToPlaintext(byte[], VerificationKey).

As described in mapToPlaintext(byte[], org.cryptimeleon.craco.sig.VerificationKey) there might be no injective PlainText for some byte arrays, e.g. if the byte array is too long. Therefore, this method provides the maximal number of bytes that can be mapped injectively to a PlainText.

Returns:

maximal number of bytes that can be given to mapToPlaintext(byte[], org.cryptimeleon.craco.sig.VerificationKey).

restoreFromRepresentation

default java.lang.Object restoreFromRepresentation(java.lang.reflect.Type type,
                                                   org.cryptimeleon.math.serialization.Representation repr)

Specified by:

restoreFromRepresentation in interface org.cryptimeleon.math.serialization.annotations.RepresentationRestorer