attestation
Cryptographic enhancements
A couple of cryptographic enhancements to increase the cryptographic robustness of the system. Ideally this should bring the system closer to being formally provably secure and make it harder to compromise in case of programming errors or future design errors. Note: no usable attacks are known that take advantage of these enhancements not being in place.
- Ensure that the Proofs of Knowledge are linked to their specific usage and cannot be reused. This should be the case both for the usage proof (in relation to the Attestation request) and the equality proof. See this post for details.
- Include a hash of the signed Attestation request in the attestation itself. This will allow anyone to verify that the user who holds the key attested to has actually requested an attestation. This is to prevent a malicious Attestation authority constructing fake attestations that the Ethereum users did not consent to.
Part 1 has been partially handled in PR #113, where support for a nonce in the ZK proofs has been added (though it is optional). So far it is only used in attestation requests. Furthermore, note that the nonce currently is context- and time-based, i.e. short-term replay attacks are possible for the same service. We might want to change this to a challenge-response approach where the server holds a time-based hash map in RAM over active sessions.
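The two enhancements, as an added example that is not code from the attestation project: a Schnorr proof of knowledge whose Fiat-Shamir challenge hashes in both the usage context (attestation request vs. equality proof) and a per-session nonce, so a proof produced for one use fails verification for any other context or nonce, plus an attestation that carries the hash of the signed request it answers. The group parameters are generated at import time and are demo-sized (a 128-bit subgroup in a prime field); a real deployment uses a 256-bit elliptic-curve group, and the binding logic is unchanged. The function names, the context labels and the session nonce are assumptions made for this example.

```python
import hashlib, secrets

def is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin for odd n > 3 (sufficient for generating the demo group)."""
    r = ((n - 1) & (1 - n)).bit_length() - 1  # n - 1 = d * 2**r with d odd
    d = (n - 1) >> r
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(bits: int = 128) -> tuple:
    """Safe prime p = 2q + 1; g = 4 is a square, so it generates the order-q subgroup."""
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

P, Q, G = make_group()  # demo-sized parameters, constructed at import time

def challenge(context: bytes, nonce: bytes, y: int, t: int) -> int:
    """Fiat-Shamir challenge; every field is length-prefixed so fields cannot shift into each other."""
    h = hashlib.sha256()
    for part in (context, nonce, y.to_bytes(32, "big"), t.to_bytes(32, "big")):
        h.update(len(part).to_bytes(2, "big") + part)
    return int.from_bytes(h.digest(), "big") % Q

def prove(x: int, context: bytes, nonce: bytes) -> tuple:
    """Prove knowledge of x for y = g^x, bound to (context, nonce); r must be fresh per proof."""
    y, r = pow(G, x, P), secrets.randbelow(Q - 1) + 1
    t = pow(G, r, P)
    return y, t, (r + challenge(context, nonce, y, t) * x) % Q

def verify(y: int, t: int, s: int, context: bytes, nonce: bytes) -> bool:
    """The verifier recomputes the challenge from its OWN context and nonce, never the prover's."""
    return pow(G, s, P) == t * pow(y, challenge(context, nonce, y, t), P) % P

def request_hash(signed_request: bytes) -> str:
    return hashlib.sha256(signed_request).hexdigest()

def issue_attestation(signed_request: bytes, y: int) -> dict:
    """Enhancement 2: the attestation carries the hash of the signed request it answers."""
    return {"subject_key": y, "request_hash": request_hash(signed_request)}
```

In the challenge-response variant described above, the server would generate `nonce` per session and keep it in its in-memory session map, accepting a proof only while that nonce is active.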