PS18SignatureScheme (craco 4.0.2 API)

java.lang.Object
- org.cryptimeleon.craco.sig.ps18.PS18SignatureScheme

All Implemented Interfaces:

SignatureScheme, org.cryptimeleon.math.serialization.annotations.RepresentationRestorer, org.cryptimeleon.math.serialization.Representable, org.cryptimeleon.math.serialization.StandaloneRepresentable

Direct Known Subclasses:

PS18ROMSignatureScheme
```
public class PS18SignatureScheme
extends java.lang.Object
implements SignatureScheme
```

Constructor Summary

Constructors
Constructor and Description

PS18SignatureScheme(PSPublicParameters pp)

PS18SignatureScheme(org.cryptimeleon.math.serialization.Representation repr)

Constructors
Constructor and Description
`PS18SignatureScheme(PSPublicParameters pp)`
`PS18SignatureScheme(org.cryptimeleon.math.serialization.Representation repr)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected org.cryptimeleon.math.structures.groups.GroupElement`	`computeLeftHandSide(MessageBlock messageBlock, PS18VerificationKey pk, org.cryptimeleon.math.structures.rings.zn.Zp.ZpElement exponentPrimeM, org.cryptimeleon.math.structures.groups.GroupElement sigma1)` Computes left hand side of verification equation.
`protected org.cryptimeleon.math.structures.groups.GroupElement`	`computeSigma2(MessageBlock messageBlock, PS18SigningKey sk, org.cryptimeleon.math.structures.rings.zn.Zp.ZpElement exponentPrimeM, org.cryptimeleon.math.structures.groups.GroupElement sigma1)` Computes sigma_2 in paper.
`boolean`	`equals(java.lang.Object obj)`
`SignatureKeyPair<PS18VerificationKey,PS18SigningKey>`	`generateKeyPair(int numberOfMessages)`
`int`	`getMaxNumberOfBytesForMapToPlaintext()` Returns the maximal number of bytes that can be mapped injectively to a `PlainText` by `SignatureScheme.mapToPlaintext(byte[], SigningKey)` and `SignatureScheme.mapToPlaintext(byte[], VerificationKey)`.
`PSPublicParameters`	`getPp()`
`org.cryptimeleon.math.serialization.Representation`	`getRepresentation()`
`int`	`hashCode()`
`protected MessageBlock`	`mapToPlaintext(byte[] bytes, int messageBlockLength)`
`PlainText`	`mapToPlaintext(byte[] bytes, SigningKey sk)` Provides an injective mapping of the given bytes to a `PlainText` usable with this scheme (which may be a `MessageBlock`).
`PlainText`	`mapToPlaintext(byte[] bytes, VerificationKey pk)` Provides an injective mapping of the given bytes to a `PlainText` usable with this scheme (which may be a `MessageBlock`).
`PlainText`	`restorePlainText(org.cryptimeleon.math.serialization.Representation repr)`
`Signature`	`restoreSignature(org.cryptimeleon.math.serialization.Representation repr)`
`SigningKey`	`restoreSigningKey(org.cryptimeleon.math.serialization.Representation repr)`
`VerificationKey`	`restoreVerificationKey(org.cryptimeleon.math.serialization.Representation repr)`
`Signature`	`sign(PlainText plainText, SigningKey secretKey)` Signs the giving plaintext using the given signing key.
`java.lang.Boolean`	`verify(PlainText plainText, Signature signature, VerificationKey publicKey)` Verifies the given signature for the given plaintext using the given verification key.

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.cryptimeleon.craco.sig.SignatureScheme
restoreFromRepresentation, sign, verify

- Constructor Detail
  - PS18SignatureScheme
```
public PS18SignatureScheme(PSPublicParameters pp)
```
  - PS18SignatureScheme
```
public PS18SignatureScheme(org.cryptimeleon.math.serialization.Representation repr)
```
- Method Detail
  - getRepresentation
```
public org.cryptimeleon.math.serialization.Representation getRepresentation()
```
    Specified by:
    
    getRepresentation in interface org.cryptimeleon.math.serialization.Representable
  - generateKeyPair
```
public SignatureKeyPair<PS18VerificationKey,PS18SigningKey> generateKeyPair(int numberOfMessages)
```
  - sign
```
public Signature sign(PlainText plainText,
                      SigningKey secretKey)
```
    Description copied from interface: SignatureScheme
    
    Signs the giving plaintext using the given signing key. The signing key should contain all information necessary to sign, therefore public key is not needed.
    
    Specified by:
    
    sign in interface SignatureScheme
    
    Parameters:
    
    plainText - the message to sign
    
    secretKey - the secret signing key
    
    Returns:
    
    signature on plainText computed using secretKey
  - verify
```
public java.lang.Boolean verify(PlainText plainText,
                                Signature signature,
                                VerificationKey publicKey)
```
    Description copied from interface: SignatureScheme
    
    Verifies the given signature for the given plaintext using the given verification key.
    
    Specified by:
    
    verify in interface SignatureScheme
    
    Parameters:
    
    plainText - the plaintext the signature should validate against
    
    signature - the signature to verify
    
    publicKey - the verification key to verify with
    
    Returns:
    
    true if verification succeeds, false else
  - computeSigma2
```
protected org.cryptimeleon.math.structures.groups.GroupElement computeSigma2(MessageBlock messageBlock,
                                                                             PS18SigningKey sk,
                                                                             org.cryptimeleon.math.structures.rings.zn.Zp.ZpElement exponentPrimeM,
                                                                             org.cryptimeleon.math.structures.groups.GroupElement sigma1)
```
    Computes sigma_2 in paper. Since this computation is shared between the regular [PS18] and the random oracle version – just with a different exponentPrimeM – we outsource it to this method.
    
    Parameters:
    
    messageBlock - message to sign.
    
    sk - signing key.
    
    exponentPrimeM - m' in paper.
    
    sigma1 - \sigma_1 (also h) in paper.
    
    Returns:
    
    \sigma_2 from paper.
  - computeLeftHandSide
```
protected org.cryptimeleon.math.structures.groups.GroupElement computeLeftHandSide(MessageBlock messageBlock,
                                                                                   PS18VerificationKey pk,
                                                                                   org.cryptimeleon.math.structures.rings.zn.Zp.ZpElement exponentPrimeM,
                                                                                   org.cryptimeleon.math.structures.groups.GroupElement sigma1)
```
    Computes left hand side of verification equation. Since this computation is shared between the regular [PS18] and the random oracle version – just with a different exponentPrimeM – we outsource it to this method.
    
    Parameters:
    
    messageBlock - message to verify signature for.
    
    pk - public verification key
    
    exponentPrimeM - m' in paper. First element of signature (for 4.2) or computed from message using random oracle (hash function) (for ROM from 4.3).
    
    sigma1 - \sigma_1 in paper. Either second or first element of signature (see above).
    
    Returns:
    
    element of G_T which is the left hand side of the verification equation.
  - mapToPlaintext
```
public PlainText mapToPlaintext(byte[] bytes,
                                SigningKey sk)
```
    Description copied from interface: SignatureScheme
    
    Provides an injective mapping of the given bytes to a PlainText usable with this scheme (which may be a MessageBlock).
    It only guarantees injectivity for arrays of the same length. Applications that would like to use mapToPlaintext with multiple different array lengths may want to devise a padding method and then only call mapToPlaintext with byte arrays of the same (padded) length.
    The contract is that VerificationKey pk and SigningKey sk are compatible (in the sense that verify(m,sign(m, sk),pk) == true), then mapToPlaintext(bytes, pk)) equals mapToPlaintext(bytes, sk) for all bytes.
    
    Specified by:
    
    mapToPlaintext in interface SignatureScheme
    
    Parameters:
    
    bytes - bytes to be mapped to a PlainText
    
    sk - the signing key for which the resulting PlainText should be valid (note that the plaintext space may differ for different signing keys).
    
    Returns:
    
    the corresponding plaintext
  - mapToPlaintext
```
public PlainText mapToPlaintext(byte[] bytes,
                                VerificationKey pk)
```
    Description copied from interface: SignatureScheme
    
    Provides an injective mapping of the given bytes to a PlainText usable with this scheme (which may be a MessageBlock).
    It only guarantees injectivity for arrays of the same length. Applications that would like to use mapToPlaintext with multiple different array lengths may want to devise a padding method and then only call mapToPlaintext with byte arrays of the same (padded) length.
    The contract is that VerificationKey pk and SigningKey sk are compatible (in the sense that verify(m,sign(m, sk),pk) == true), then mapToPlaintext(bytes, pk)) equals mapToPlaintext(bytes, sk) for all bytes.
    
    Specified by:
    
    mapToPlaintext in interface SignatureScheme
    
    Parameters:
    
    bytes - bytes to be mapped to a PlainText
    
    pk - the verification key for which the resulting PlainText should be valid (note that the plaintext space may differ for different verification keys).
    
    Returns:
    
    the corresponding plaintext
  - getMaxNumberOfBytesForMapToPlaintext
```
public int getMaxNumberOfBytesForMapToPlaintext()
```
    Description copied from interface: SignatureScheme
    
    Returns the maximal number of bytes that can be mapped injectively to a PlainText by SignatureScheme.mapToPlaintext(byte[], SigningKey) and SignatureScheme.mapToPlaintext(byte[], VerificationKey).
    As described in SignatureScheme.mapToPlaintext(byte[], org.cryptimeleon.craco.sig.VerificationKey) there might be no injective PlainText for some byte arrays, e.g. if the byte array is too long. Therefore, this method provides the maximal number of bytes that can be mapped injectively to a PlainText.
    
    Specified by:
    
    getMaxNumberOfBytesForMapToPlaintext in interface SignatureScheme
    
    Returns:
    
    maximal number of bytes that can be given to SignatureScheme.mapToPlaintext(byte[], org.cryptimeleon.craco.sig.VerificationKey).
  - mapToPlaintext
```
protected MessageBlock mapToPlaintext(byte[] bytes,
                                      int messageBlockLength)
```
  - restorePlainText
```
public PlainText restorePlainText(org.cryptimeleon.math.serialization.Representation repr)
```
    Specified by:
    
    restorePlainText in interface SignatureScheme
  - restoreSignature
```
public Signature restoreSignature(org.cryptimeleon.math.serialization.Representation repr)
```
    Specified by:
    
    restoreSignature in interface SignatureScheme
  - restoreSigningKey
```
public SigningKey restoreSigningKey(org.cryptimeleon.math.serialization.Representation repr)
```
    Specified by:
    
    restoreSigningKey in interface SignatureScheme
  - restoreVerificationKey
```
public VerificationKey restoreVerificationKey(org.cryptimeleon.math.serialization.Representation repr)
```
    Specified by:
    
    restoreVerificationKey in interface SignatureScheme
  - getPp
```
public PSPublicParameters getPp()
```
  - hashCode
```
public int hashCode()
```
    Overrides:
    
    hashCode in class java.lang.Object
  - equals
```
public boolean equals(java.lang.Object obj)
```
    Overrides:
    
    equals in class java.lang.Object

Class PS18SignatureScheme

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Methods inherited from interface org.cryptimeleon.craco.sig.SignatureScheme

Constructor Detail

PS18SignatureScheme

PS18SignatureScheme

Method Detail

getRepresentation

generateKeyPair

sign

verify

computeSigma2

computeLeftHandSide

mapToPlaintext

mapToPlaintext

getMaxNumberOfBytesForMapToPlaintext

mapToPlaintext

restorePlainText

restoreSignature

restoreSigningKey

restoreVerificationKey

getPp

hashCode

equals