Glossary & Reference

Algebraic structures with one operation satisfying closure, associativity, identity, and inverses. Foundation for secure crypto operations.

Example: (Z, +) — integers under addition form a group

Points on curves of the form y² = x³ + ax + b form groups under geometric addition. Ideal for compact, efficient cryptography.

Example: secp256k1 uses y^2 = x^3 + 7

Arithmetic on a finite set where operations wrap within the set. Basis for modular arithmetic and many crypto constructions.

Example: Z_p — integers modulo prime p

Proof that a message was created by someone with a specific private key, without revealing the key.

Example: ECDSA produces (r, s) from a message hash and private key

One‑way functions mapping arbitrary input to fixed‑length output with preimage and collision resistance.

Example: SHA‑256 with 512‑bit blocks and compression

Commitment scheme with perfect hiding and homomorphic addition on elliptic curves.

C(m, r) = g^m · h^r   // homomorphic: C(m1, r1) · C(m2, r2) = C(m1+m2, r1+r2)

Prove that a statement is true without revealing underlying secrets. Built on completeness, soundness, and zero‑knowledge.

Idea: Prove knowledge of x such that g^x = Y without revealing x

Show that a committed value lies within a range without revealing it. Used to prove amounts are non‑negative and bounded.

Example: Prove 0 ≤ v < 2^64 for a commitment C = g^v h^r

Binary hash trees that enable compact inclusion proofs. Any change to leaves changes the root.

Inclusion: leaf → ... → root (O(log n) siblings)

Threshold protocols that create a public key while keeping private key shares distributed among participants.

Pedersen DKG: verifiable shares + polynomial commitments

States that computing x from g^x is intractable in appropriately chosen groups. Underpins signatures and commitments.

Hard problem: given (g, g^x), find x