vrf-mod

vrf-mod is an open source implementation of Verifiable Random Functions (VRFs) and Elliptical Curve VRFs written in Rust. This library follows algorithms described in:

• VRF-draft-05
• RFC6979

Disclaimer: Experimental

VRF

This module uses the OpenSSL library for big number cryptographic arithmetic.

Supported cipher suites include:

• PKI_MGF_MGF1_SHA1: mask generation algorithm utilizing SHA1.
• PKI_MGF_MGF1_SHA256: mask generation algorithm utilizing SHA256.

```rust use vrfmod::vrf::{VRFCipherSuite, VRF}; use vrfmod::VRF; use openssl::rsa::Rsa;

fn main() { // Initialization of VRF context let mut vrf = VRF::fromsuite(VRFCipherSuite::PKIMGFMGF1SHA256).unwrap(); // Load private key from a file let pkey = includebytes!("../linktofile/rsa.pem"); let privatekey = Rsa::privatekeyfrompem(pkey).unwrap(); // Load public key from a file let key = includebytes!("../linktofile/rsa.pem.pub"); let publickey = Rsa::publickeyfrompem(key).unwrap(); // Inputs: Secret Key, Public Key (derived) & Message let message: &[u8] = b"sample";

// VRF proof and hash output
let pi = vrf.prove(&private_key, &message).unwrap();
let hash = vrf.proof_to_hash(&pi).unwrap();

// VRF proof verification (returns VRF hash output)
let beta = vrf.verify(&public_key, &message, &pi);

} ```

Adding unsupported cipher suites

This library also defines a VRF trait which can be extended.

```rust use openssl::{ rsa::Rsa, pkey::{Public, Private}. };

pub trait VRF { type Error;

fn prove(&mut self, pkey: &Rsa<Private>, alpha_string: &[u8]) -> Result<Vec<u8>, Self::Error>;

fn proof_to_hash(&mut self, pi_string: &[u8]) -> Result<Vec<u8>, Self::Error>;

fn verify(&mut self, public_key: &Rsa<Public>, alpha_string: &[u8], pi_string: &[u8]) -> Result<Vec<u8>, Self::Error>;

} ```

Elliptical Curve VRF

This module also uses the OpenSSL library to offer Elliptic Curve Verifiable Random Function (VRF) functionality.

Supported cipher suites include:

• P256_SHA256_TAI: algorithms with SHA256 and the secp256r1 curve (aka NIST P-256).
• SECP256K1_SHA256_TAI: algorithms with SHA256 and the secp256k1 curve.

```rust use vrfmod::ecvrf::{CipherSuite, ECVRF}; use vrfmod::ECVRF;

fn main() { // Initialization of VRF context by providing a curve let mut ecvrf = ECVRF::fromsuite(CipherSuite::P256SHA256TAI).unwrap(); // Private Key, Public Key (derived) & message let secretkey = hex::decode("c9afa9d845ba75166b5c215767b1d6934e50c3db36e89b127b8a622b120f6721").unwrap(); let publickey = ecvrf.derivepublickey(&secretkey).unwrap(); let message: &[u8] = b"sample";

// ECVRF proof and hash output
let pi = ecvrf.prove(&secret_key, &message).unwrap();
let hash = ecvrf.proof_to_hash(&pi).unwrap();

// ECVRF proof verification (returns ECVRF hash output)
let beta = vrf.verify(&public_key, &message, &pi);

} ```

Adding unsupported cipher suites

This library defines a ECVRF trait which can be extended in order to use different curves and algorithms.

```rust pub trait ECVRF { type Error;

fn prove(&mut self, pkey: PrivateKey, alpha_string: &[u8]) -> Result<Vec<u8>, Self::Error>;

fn proof_to_hash(&mut self, pi_string: &[u8]) -> Result<Vec<u8>, Self::Error>;

fn verify(&mut self, public_key: PublicKey, alpha_string: &[u8], pi_string: &[u8]) -> Result<Vec<u8>, Self::Error>;

} ```

License

vrf-mod is published under the MIT license.