A Chaum-Pedersen proof of knowledge proves the equivalence of discrete
logarithms without revealing the value of the discrete logarithm itself.
This means we will verify that given two numbers A, and B, both numbers
follow the two following formulas and we know but don't reveal the
number 'witness':
A = g^witness (mod p)
B = K^witness (mod p)
This can be used to prove that an encrypted exponential ElGamal message,
that is of the form (c1, c2) = (g^r, g^m * K^r) is of a specific value
'm' (for example 0, 1, or 56) if we use a Chaum-Pedersen proof with
values (A, B) = (c1, c2 / g^m) = (g^r, K^r).
In the code, we verify the Chaum-Pedersen proof using as generalized
SigmaProof using the SchnorrProof class from the verificatum library
vjsc.
Verifies a Chaum-Pedersen Proof record.
A Chaum-Pedersen proof of knowledge proves the equivalence of discrete logarithms without revealing the value of the discrete logarithm itself.
This means we will verify that given two numbers A, and B, both numbers follow the two following formulas and we know but don't reveal the number 'witness':
A = g^witness (mod p) B = K^witness (mod p)
This can be used to prove that an encrypted exponential ElGamal message, that is of the form (c1, c2) = (g^r, g^m * K^r) is of a specific value 'm' (for example 0, 1, or 56) if we use a Chaum-Pedersen proof with values (A, B) = (c1, c2 / g^m) = (g^r, K^r).
In the code, we verify the Chaum-Pedersen proof using as generalized SigmaProof using the SchnorrProof class from the verificatum library vjsc.