Add DST as input to hash_to_scalar

decentralized-identity / bbs-signature

The BBS Signature Scheme

https://identity.foundation/bbs-signature/draft-irtf-cfrg-bbs-signatures.html

Apache License 2.0

79 stars 26 forks source link

Add DST as input to hash_to_scalar #211

Closed BasileiosKal closed 2 years ago

BasileiosKal commented 2 years ago

Closes #194

I also updated the definition of the ciphersuite_id to be a ASCII string, instead of an octet string. This makes it easier to concatenate it with other strings to create DSTs which will then become octet strings using utf8().

Lastly, I'm passing the inputted message in MapMessageToScalarAsHash directly to hash_to_scalar because I don't see a reason to append it with each length anymore, since we are using expand_message

BasileiosKal commented 2 years ago

Discussed on the WG call of the 22nd of August. Will need to make the DST formats consistent across operations. Will use octet-strings for the DSTs and have them default to utf8(default_dst).

tplooker commented 2 years ago

Discussed on WG call 29th August, awaiting updates and re-review.

tplooker commented 2 years ago

Multiple approvals, discussed on WG call, merging