added explicit DSTs to all hash_to_curve calls
CluEleSsUK committed Sep 21, 2023
1 parent cda9820 commit b6d496f
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions src/crypto/ibe.ts
Expand Up @@ -58,14 +58,15 @@ async function encrypt<T, U>(

export async function encryptOnG1(master: PointG1, ID: Uint8Array, msg: Uint8Array): Promise<Ciphertext<PointG1>> {
return encrypt(master, ID, msg, PointG1.BASE,
(id: Uint8Array) => bls.PointG2.hashToCurve(id),
(id: Uint8Array) => bls.PointG2.hashToCurve(id, { DST: "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_" }),
(m, Qid) => bls.pairing(m, Qid)
)
}

// uses the DST for G2 erroneously
export async function encryptOnG2(master: PointG2, ID: Uint8Array, msg: Uint8Array): Promise<Ciphertext<PointG2>> {
return encrypt(master, ID, msg, PointG2.BASE,
(id: Uint8Array) => bls.PointG1.hashToCurve(id),
(id: Uint8Array) => bls.PointG1.hashToCurve(id, { DST: "BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_" }),
(m, Qid) => bls.pairing(Qid, m)
)
}
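Review bot: In `encryptOnG2` the identity is hashed to G1 but the tag passed is the G2 signature suite `BLS_SIG_BLS12381G2_XMD:SHA-256_SSWU_RO_NUL_`, and the comment above the function calls this erroneous without saying whether it is deliberate. If the mismatch is kept to match what the signer of the decryption key uses (not visible in this hunk), the comment should say so, for example `// Deliberately uses the G2 DST when hashing to G1: it must match the DST the signer uses, or ciphertexts cannot be decrypted.`; otherwise a later "fix" to the G1 tag would silently produce undecryptable ciphertexts. The same literal now appears in both `encryptOnG1` and `encryptOnG2`, so a shared named constant and a known-answer test for each hash-to-curve call would make any change to the tag visible in review.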