HashCloak Newsletter February 2023
February 2023 Edition of the HashCloak Newsletter
Welcome to the February edition of our brand new HashCloak Newsletter! We hope you enjoyed our January edition and are excited to continue bringing you interesting content. As a leading R&D privacy lab, we are committed to sharing our insights and findings with our readers. In addition to short form content around what we've been working on at HashCloak, we will also be posting links to interesting readings and research that we believe will be of interest to you. We hope you find this month’s edition informative and engaging!
Stuff We’ve been reading
Aurore Guillevic - A short-list of pairing-friendly curves resistant to Special TNFS at the 128-bit security level (2019)
Drew Stone - Webb Protocol: A cross-chain private application and governance protocol (2023)
A new series of videos on zero-knowledge proof composition and recursion (part 1)
Implementing Cryptographic Pairings Over Curves of Embedding Degrees 8 and 10
Cocks–Pinch curves of embedding degrees five to eight and optimal ate pairing computation
Stuff We’ve been playing with
Stuff We’ve been watching
Interesting HashCloak Research Project of the Month
As part of a StarkWare grant received in 2022, we have been doing research on Starknet-friendly privacy primitives. We have been working on Starkacy, a Cairo library in which we implement several privacy-preserving protocols to be used within Cairo projects. Starkacy is very early in its development and, as such, only contains a Schnorr signature implementation over the Starknet curve.
As part of working on Starkacy, we have designed a Starknet-friendly twisted Edwards curve called Starkjub and are doing research into a Starknet-friendly pairing-friendly curve codenamed Lokum. We have a Starkjub implementation in Python/SageMath and Cairo. We are in the midst of doing research and other analysis of an initial candidate for Lokum.
We will be making more formal announcements about our work soon.
Special Purpose Cryptography Protocol of the Month
As part of our consulting practice, we notice that many of our clients try to shoehorn general-purpose cryptography such as ZK-SNARKs into problems for which there are well-studied, understood and implemented special-purpose protocols. In this section, every month, we hope to give you a taste of a useful special-purpose protocol in order to better educate you on good composable cryptographic design principles. This month, we will provide a short summary of ZKAttest, a protocol for using existing ECDSA keypairs for ring signatures.
ZKAttest is a protocol for constructing ring signatures from ECDSA signatures. First, the authors leverage the fact that ECDSA verification is zk-friendly in order to construct a zero-knowledge proof of validity of an ECDSA signature. The ECDSA signature verification process involves point addition and scalar multiplication, so the authors construct proof-of-knowledge protocols for both operations. They then use these newly constructed primitives to build a sigma protocol for the final proof of validity of an ECDSA signature. This process uses the NIST standard P-256 curve and a new curve called Tom, constructed via the Complex Multiplication method.
As an application of this protocol, the authors construct ring signatures. They do this by combining their proof of knowledge for ECDSA signatures with Groth-Kohlweiss proofs, a set membership proof protocol.
To learn more about ZKAttest, you can read about it here. If you want to learn more about Groth-Kohlweiss proofs, which are a primitive in many ZKP protocols, you can read about them here. We may even cover them in a future edition of the HashCloak newsletter!
Thank you for reading our February Newsletter! We hope you found our content informative and enjoyed learning about our latest research and insights. Our team is excited to continue sharing our findings and interesting reads with you, so be sure to subscribe to our newsletter to receive the next edition straight to your inbox. Also, don’t forget to follow us on Twitter to stay up to date with our latest news and updates. We appreciate your continued support and look forward to bringing you more great content next month.
Lastly, if you or your company needs security audits, R&D around privacy and cryptography or any other consulting services, you can reach out by scheduling a call with us here: https://calendly.com/d/hhc-dnq-wfd/hashcloak-services-inquiries