Expand description
The twisted ElGamal group encryption implementation.
The message space consists of any number that is representable as a scalar (a.k.a. “exponent”) for Curve25519.
A regular twisted ElGamal ciphertext consists of two components:
- A Pedersen commitment that encodes a message to be encrypted
- A “decryption handle” that binds the Pedersen opening to a specific public key
The ciphertext can be generalized to hold not a single decryption handle, but multiple handles pertaining to multiple ElGamal public keys. These ciphertexts are referred to as a “grouped” ElGamal ciphertext.
Structs§
- Algorithm handle for the grouped ElGamal encryption
- A grouped ElGamal ciphertext.