#vrf #secret-key #crypto #side-channel #thread-safe #avoid

no-std ark-secret-scalar

Secret scalars for non-constant-time fields and curves

1 unstable release

0.0.2 Jan 24, 2025

#1093 in Cryptography


51 downloads per month
Used in 2 crates (via staging-dleq_vrf)

MIT/Apache

39KB
522 lines

Arkworks secret scalar handling via key splitting

The secret scalar is split into the sum of two scalars, which randomly mutate but retain the same sum. This incurs a 2x penalty in scalar multiplications, but provides side-channel defenses.

We support &self receivers throughout, as typical secret keys do. We choose non-thread-safe interior mutability via UnsafeCell, which avoids atomics but makes SecretScalar only Send and !Sync.

Because Mutex<T: Send> is Send+Sync, one should prefer Mutex<SecretKey> over cloning SecretScalar, simply to minimize clones of secret keys.
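The splitting described above, as an added example that is not the crate's own code: a toy SplitScalar (hypothetical type) working on exponents in the multiplicative group mod 2^61 - 1 rather than an Arkworks curve, with Cell standing in for UnsafeCell and a xorshift generator standing in for a CSPRNG. The arithmetic is not constant time; the block only shows the sum invariant, the doubled cost, and re-randomization through &self.

```rust
use std::cell::Cell;
use std::sync::Mutex;
// Toy group (assumption): integers mod the Mersenne prime 2^61 - 1 under multiplication.
const P: u64 = (1 << 61) - 1;
const N: u64 = P - 1; // exponents ("scalars") are reduced mod the group order
fn mul_mod(a: u64, b: u64) -> u64 { ((a as u128 * b as u128) % P as u128) as u64 }
fn pow_mod(mut base: u64, mut exp: u64) -> u64 {
    let mut acc = 1;
    while exp > 0 {
        if exp & 1 == 1 { acc = mul_mod(acc, base); }
        base = mul_mod(base, base); exp >>= 1;
    }
    acc
}

/// Hypothetical toy type: secret = halves.0 + halves.1 (mod N).
/// Cell allows mutation through &self and makes the type Send but !Sync.
pub struct SplitScalar { halves: Cell<(u64, u64)>, rng: Cell<u64> }
impl SplitScalar {
    pub fn new(secret: u64, seed: u64) -> Self {
        let s = SplitScalar { halves: Cell::new((secret % N, 0)), rng: Cell::new(seed | 1) };
        s.resplit(); s
    }
    /// Shift a nonzero random offset between the halves; their sum is unchanged.
    pub fn resplit(&self) {
        let mut x = self.rng.get(); // xorshift64: placeholder, NOT a CSPRNG
        x ^= x << 13; x ^= x >> 7; x ^= x << 17;
        self.rng.set(x);
        let r = 1 + x % (N - 1);
        let (a, b) = self.halves.get();
        self.halves.set(((a + r) % N, (b + N - r) % N));
    }
    /// Demo-only accessor so the split can be inspected.
    pub fn halves(&self) -> (u64, u64) { self.halves.get() }
    /// base^secret as two exponentiations (the 2x cost), then re-randomize.
    pub fn pow(&self, base: u64) -> u64 {
        let (a, b) = self.halves.get();
        self.resplit();
        mul_mod(pow_mod(base, a), pow_mod(base, b))
    }
}

/// Compiles only because Mutex<T: Send> is Send + Sync.
pub fn mutex_is_sync() -> bool { fn check<T: Send + Sync>() {} check::<Mutex<SplitScalar>>(); true }
fn main() {
    let k = SplitScalar::new(123_456_789, 0x9E37_79B9_7F4A_7C15); // constructed sample values
    for _ in 0..2 { println!("{:?} -> {}", k.halves(), k.pow(3)); }
}
```

Each call to pow returns the same result while the stored halves differ between calls, so no fixed representation of the secret sits in memory across operations.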

Dependencies

~6.5MB
~105K SLoC