PBC Library Manual 0.5.11 - Stanford Crypto Group
PBC Library Manual 0.5.11 - Stanford Crypto Group
PBC Library Manual 0.5.11 - Stanford Crypto Group
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
element_t sig;<br />
element_t temp1, temp2;<br />
element_init_G2(g, pairing);<br />
element_init_G2(public_key, pairing);<br />
element_init_G1(h, pairing);<br />
element_init_G1(sig, pairing);<br />
element_init_GT(temp1, pairing);<br />
element_init_GT(temp2, pairing);<br />
element_init_Zr(secret_key, pairing);<br />
generate system parameters,<br />
element_random(g);<br />
generate a private key,<br />
element_random(secret_key);<br />
and the corresponding public key.<br />
element_pow_zn(public_key, g, secret_key);<br />
Chapter 2. Tutorial<br />
When given a message to sign, we first compute its hash, using some standard hash algorithm. Many<br />
libraries can do this, and this operation does not involve pairings, so <strong>PBC</strong> does not provide functions for<br />
this step. For this example, and our message has already been hashed, possibly using another library.<br />
Say the message hash is "ABCDEF" (a 48-bit hash). We map these bytes to an element h of G1,<br />
element_from_hash(h, "ABCDEF", 6);<br />
then sign it:<br />
element_pow_zn(sig, h, secret_key);<br />
To verify this signature, we compare the outputs of the pairing applied to the signature and system<br />
parameter, and the pairing applied to the message hash and public key. If the pairing outputs match then<br />
the signature is valid.<br />
pairing_apply(temp1, sig, g, pairing);<br />
pairing_apply(temp2, h, public_key, pairing);<br />
if (!element_cmp(temp1, temp2)) {<br />
printf("signature verifies\n");<br />
} else {<br />
printf("signature does not verify\n");<br />
}<br />
5