phoreproject / bls

Go implementation of the BLS12-381 pairing
Apache License 2.0

Is this an implementation of Boneh, Drijvers, Neven or otherwise secure against a rogue public-key attack? #10

Open SaleProperly opened 5 years ago

SaleProperly commented 5 years ago

I know there is a BLS multisig scheme where a common message can be signed and it is secure against a rogue public-key attack; see https://crypto.stanford.edu/~dabo/pubs/papers/BLSmultisig.html

Is this an implementation of that or do additional precautions need to be taken when signing a common message?

meyer9 commented 5 years ago

Make sure when aggregating keys that you have confirmed that users have access to the private key corresponding to the public key. This can be done by having them sign their own public key.
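The check described in the comment above, as an added example that is not part of the original thread and does not use this library's API: a registry admits a public key for aggregation only when the submitter has signed that same key. Ed25519 from Go's standard library stands in for the BLS signature scheme, and `Registry`, `NewKey`, `ProvePossession` and the `popTag` value are hypothetical names assumed for illustration.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// popTag (assumed value) keeps a proof from doubling as a signature on an ordinary message.
var popTag = []byte("EXAMPLE-POP-V1:")
var ErrBadPoP = errors.New("proof of possession does not verify")

// NewKey generates a fresh key pair (a nil reader selects crypto/rand).
func NewKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

func popMessage(pub ed25519.PublicKey) []byte {
	return append(append([]byte{}, popTag...), pub...)
}

// ProvePossession signs the holder's own public key under the PoP tag.
func ProvePossession(priv ed25519.PrivateKey) []byte {
	return ed25519.Sign(priv, popMessage(priv.Public().(ed25519.PublicKey)))
}

// Registry holds only keys whose submitter proved knowledge of the private key.
type Registry struct{ keys []ed25519.PublicKey }

// Register admits pub for aggregation only if pop verifies under pub itself.
func (r *Registry) Register(pub ed25519.PublicKey, pop []byte) error {
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(pub, popMessage(pub), pop) {
		return ErrBadPoP
	}
	r.keys = append(r.keys, pub)
	return nil
}

func main() {
	var r Registry
	pubA, privA := NewKey()
	pubB, _ := NewKey()
	fmt.Println(r.Register(pubA, ProvePossession(privA))) // accepted
	fmt.Println(r.Register(pubB, ProvePossession(privA))) // rejected: proof not made with pubB's key
}
```

Only keys that passed `Register` should ever be handed to the key-aggregation step.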

SaleProperly commented 5 years ago

I thought that might be the case, but I wanted to double check. Thanks.

Perhaps this should be made clearer elsewhere for others who might not know better? Or is it already mentioned somewhere?