Easy Fiat-Shamirization using Meow

Overview

Magikitten

A system for making public-coin protocols non-interactive, using Meow.

This library is also heavily inspired by Merlin, and provides a similar construction, albeit with some differences.

Usage

The essence of using the library is that you initialize a Transcript object, and then alternate between feeding in data and extracting out randomness:

use rand_core::RngCore;
use magikitten::Transcript;

fn main() {
    // The label given to `new` domain-separates this protocol's transcript from any other.
    let mut transcript = Transcript::new(b"my cool protocol");
    // Every public message is absorbed under its own label before a challenge is drawn.
    transcript.message(b"message0", b"hello world!");
    // `challenge` ratchets the transcript and returns an RngCore seeded from it.
    let c0 = transcript.challenge(b"challenge0").next_u64();
    transcript.message(b"message1", b"hello world again!");
    let c1 = transcript.challenge(b"challenge1").next_u64();
    println!("c0 = {:#x}, c1 = {:#x}", c0, c1);
}

The challenge function ratchets the state of the transcript and then gives you an object implementing RngCore, from which you can extract arbitrary randomness. This randomness depends unpredictably on the state of the transcript so far, but is otherwise deterministic. The label you pass to challenge also affects the transcript, but after that the RNG's state is independent, and the way you use the RNG doesn't affect the transcript. Because the RNG implements RngCore you can use it to generate arbitrarily complex objects, for example by rejection sampling or other tricky techniques. The usual Fiat-Shamir caveat applies: every value the prover must not be able to choose after seeing the challenge (commitments, public inputs, the statement itself) has to be fed in with message before the challenge is drawn, or the resulting non-interactive proof is unsound.

Sequential Composition

In most situations, you should write schemes to accept a Transcript as an argument, rather than creating one themselves.

This allows schemes to be composed sequentially, by having one scheme use the running transcript that another scheme interacted with.

Differences with Merlin

This library is heavily inspired by Merlin, which essentially serves the same use case. There are a few differences though.

Magikitten uses a reduced round permutation

Rather than using Keccak with 24 rounds, we use KitTen, which is Keccak with only 10 rounds. This makes the protocol faster, but obviously more vulnerable to potential advances in the cryptanalysis of Keccak.

See Meow for some more rationale on using KitTen.

Challenges are a stream of bytes

Merlin requires you to specify the length of a challenge, and it just generates a challenge of that length. Magikitten, on the other hand, gives you an arbitrary RNG object. I think this makes the library easier to use, since many functions can easily be written to accept an object implementing the RngCore trait. Some sampling algorithms, like rejection sampling, don't work well if you have to know in advance how many bits you will need.

Also, the RNG object is seeded from the transcript, but then becomes independent. With an independent state, the way you query bits of the RNG doesn't affect the rest of the transcript. This is more intuitive, since seemingly equivalent behavior can't change the results. For example, if you do rejection sampling using a buffer of bytes, increasing this buffer size won't affect the results you get with Magikitten, because the RNG can be treated as simply an infinite stream of bytes.

With Merlin, the length of each RNG query is recorded, and so different query patterns for the RNG change the result.
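The three points above (the message/challenge usage pattern, sequential composition by passing the running transcript along, and a challenge RNG whose query pattern cannot affect the transcript) can be seen end to end in the following added example. It is not code from magikitten or Meow: it is a toy transcript with the same shape as magikitten's API, in which the KitTen sponge is replaced by splitmix64's 64-bit mixer so the block runs with no crates. The names ToyTranscript, ToyRng, scheme_a, scheme_b, the constants, and the sample messages are all assumptions made for the illustration; the toy is not cryptographically secure and must not be used for real proofs.

```rust
// Added example, not code from magikitten or Meow: a toy transcript with the
// same shape as magikitten's API (message / challenge -> RNG). ASSUMPTION: the
// sponge is replaced by splitmix64's 64-bit mixer so it runs with no crates.
// It illustrates the construction only; never use it for real proofs.

/// Toy stand-in for the KitTen permutation: a 64-bit bijective mixer.
fn mix(mut x: u64) -> u64 {
    x ^= x >> 30;
    x = x.wrapping_mul(0xbf58_476d_1ce4_e5b9);
    x ^= x >> 27;
    x = x.wrapping_mul(0x94d0_49bb_1331_11eb);
    x ^ (x >> 31)
}

const ORDER: u64 = 0xffff_ffff_ffff_ffc5; // largest 64-bit prime, a stand-in group order

/// Challenge RNG: seeded once from the transcript, then an unbounded byte
/// stream with its own state, so how it is read cannot touch the transcript.
pub struct ToyRng { seed: u64, block: u64, buf: [u8; 8], pos: usize }

impl ToyRng {
    pub fn fill_bytes(&mut self, out: &mut [u8]) {
        for b in out.iter_mut() {
            if self.pos == 8 { // counter mode: block i = mix(seed ^ i * odd)
                let i = self.block.wrapping_mul(0x9e37_79b9_7f4a_7c15);
                self.buf = mix(self.seed ^ i).to_le_bytes();
                self.block += 1;
                self.pos = 0;
            }
            *b = self.buf[self.pos];
            self.pos += 1;
        }
    }
    pub fn next_u64(&mut self) -> u64 {
        let mut w = [0u8; 8];
        self.fill_bytes(&mut w);
        u64::from_le_bytes(w)
    }
    /// Uniform value below `n` by rejection sampling; this needs an unbounded
    /// stream, because the number of bytes consumed is not known up front.
    pub fn below(&mut self, n: u64) -> u64 {
        let zone = u64::MAX - (u64::MAX % n); // largest multiple of n that fits
        loop { let x = self.next_u64(); if x < zone { return x % n; } }
    }
}

pub struct ToyTranscript { state: u64 }

impl ToyTranscript {
    pub fn new(protocol: &[u8]) -> Self {
        let mut t = ToyTranscript { state: 0x0123_4567_89ab_cdef };
        t.absorb(protocol); // the protocol label domain-separates transcripts
        t
    }
    /// Length-prefixed absorb, so ("ab","c") and ("a","bc") are distinct.
    fn absorb(&mut self, bytes: &[u8]) {
        self.state = mix(self.state ^ bytes.len() as u64);
        for chunk in bytes.chunks(8) {
            let mut w = [0u8; 8];
            w[..chunk.len()].copy_from_slice(chunk);
            self.state = mix(self.state ^ u64::from_le_bytes(w));
        }
    }
    pub fn message(&mut self, label: &[u8], data: &[u8]) { self.absorb(label); self.absorb(data); }
    /// Ratchet: derive the RNG seed from the state, then advance the state
    /// with a different constant so the seed and the future are separate.
    pub fn challenge(&mut self, label: &[u8]) -> ToyRng {
        self.absorb(label);
        let seed = mix(self.state ^ 0x5eed_5eed_5eed_5eed);
        self.state = mix(self.state ^ 0x7a7c_4e77_a7c4_e77a);
        ToyRng { seed, block: 0, buf: [0; 8], pos: 8 }
    }
}

// Sequential composition: each sub-scheme takes the running transcript rather
// than creating its own, so B's challenge is bound to everything A absorbed.
fn scheme_a(t: &mut ToyTranscript, commitment: &[u8]) -> u64 {
    t.message(b"A.commit", commitment);
    t.challenge(b"A.challenge").below(ORDER)
}
fn scheme_b(t: &mut ToyTranscript) -> u64 {
    t.message(b"B.commit", b"constructed commitment B");
    t.challenge(b"B.challenge").below(ORDER)
}

/// Changing A's earlier message changes B's later challenge.
pub fn composition_binds() -> bool {
    let (mut t1, mut t2) = (ToyTranscript::new(b"demo"), ToyTranscript::new(b"demo"));
    scheme_a(&mut t1, b"x");
    scheme_a(&mut t2, b"y");
    scheme_b(&mut t1) != scheme_b(&mut t2)
}

/// Reading 4+4 bytes versus 8 bytes yields the same bytes and leaves the
/// transcript in the same state, so the next challenge agrees as well.
pub fn query_pattern_is_irrelevant() -> bool {
    let (mut t1, mut t2) = (ToyTranscript::new(b"demo"), ToyTranscript::new(b"demo"));
    t1.message(b"m", b"hello");
    t2.message(b"m", b"hello");
    let (mut r1, mut r2) = (t1.challenge(b"c"), t2.challenge(b"c"));
    let (mut a, mut b) = ([0u8; 8], [0u8; 8]);
    r1.fill_bytes(&mut a[..4]);
    r1.fill_bytes(&mut a[4..]);
    r2.fill_bytes(&mut b);
    a == b && t1.challenge(b"next").next_u64() == t2.challenge(b"next").next_u64()
}
```

Two design choices carry over to the real library: labels and data are absorbed with explicit length framing, so a scheme cannot be confused by shifting a byte boundary between a label and its value, and the ratchet derives the RNG seed and the next transcript state from the same point with different constants, which is what makes the RNG's consumption pattern invisible to anything absorbed later.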

No support for private RNG

At the moment, Magikitten doesn't support private randomness. This is a feature that might be added in the future though.

Owner
Lúcás Meier