Closed ggutoski closed 3 years ago
References for NICorrectKeyProof
: zk-paillier/correct_key_ni.rs at master · ZenGo-X/zk-paillier
// This protocol is based on the NIZK protocol in https://eprint.iacr.org/2018/057.pdf
// for parameters = e = N, m2 = 11, alpha = 6370 see https://eprint.iacr.org/2018/987.pdf 6.2.3
// for full details.
It's not clear to me why the zk proof for the zkp Paillier keys is different from the zk proof for the main Paillier keys.
At first the migration from curv to k256 will not include zk proofs for Paillier keys. These proofs should be implemented after the keygen enhancements described in axelarnetwork/tofnd#70 are complete.
The zengo multi-party-ecdsa/curv libraries have some zk proofs for Paillier keys. Documentation is minimal and the correspondence between with the GG20 paper is not clear but it's a place to start:
The GG20 paper has very little on these proofs: