#include <Params.h>
Definition at line 62 of file Params.h.
◆ AccumulatorAndProofParams()
| libzerocoin::AccumulatorAndProofParams::AccumulatorAndProofParams |
( |
| ) |
|
Construct a set of Zerocoin parameters from a modulus "N".
- Parameters
-
| N | A trusted RSA modulus |
| securityLevel | A security level expressed in symmetric bits (default 80) |
Allocates and derives a set of Zerocoin parameters from a trustworthy RSA modulus "N". This routine calculates all of the remaining parameters (group descriptions etc.) from N using a verifiable, deterministic procedure.
Note: this constructor makes the fundamental assumption that "N" encodes a valid RSA-style modulus of the form "e1 * e2" where "e1" and "e2" are safe primes. The factors "e1", "e2" MUST NOT be known to any party, or the security of Zerocoin is compromised. The integer "N" must be a MINIMUM of 1024 in length. 3072 bits is strongly recommended.
Definition at line 33 of file Params.cpp.
◆ SERIALIZE_METHODS()
◆ accumulatorBase
| CBigNum libzerocoin::AccumulatorAndProofParams::accumulatorBase |
The initial value for the accumulator A random Quadratic residue mod n that's not 1.
Definition at line 96 of file Params.h.
◆ accumulatorModulus
| CBigNum libzerocoin::AccumulatorAndProofParams::accumulatorModulus |
Modulus used for the accumulator.
Product of two safe primes who's factorization is unknown.
Definition at line 90 of file Params.h.
◆ accumulatorPoKCommitmentGroup
The second of two groups used to form a commitment to a coin (which it self is a commitment to a serial number).
This one differs from serialNumberSokCommitment due to restrictions from Camenisch and Lysyanskaya's paper.
Definition at line 116 of file Params.h.
◆ accumulatorQRNCommitmentGroup
Hidden order quadratic residue group mod N.
Used in the accumulator proof.
Definition at line 122 of file Params.h.
◆ initialized
| bool libzerocoin::AccumulatorAndProofParams::initialized |
◆ k_dprime
| uint32_t libzerocoin::AccumulatorAndProofParams::k_dprime |
Security parameter.
The statistical zero-knowledgeness of the accumulator proof.
Definition at line 134 of file Params.h.
◆ k_prime
| uint32_t libzerocoin::AccumulatorAndProofParams::k_prime |
Security parameter.
Bit length of the challenges used in the accumulator proof.
Definition at line 128 of file Params.h.
◆ maxCoinValue
| CBigNum libzerocoin::AccumulatorAndProofParams::maxCoinValue |
Upper bound on the value for a committed coin.
Required by the accumulator proof.
Definition at line 108 of file Params.h.
◆ minCoinValue
| CBigNum libzerocoin::AccumulatorAndProofParams::minCoinValue |
Lower bound on the value for committed coin.
Required by the accumulator proof.
Definition at line 102 of file Params.h.
The documentation for this class was generated from the following files:
1.9.1