entropyxyz · fjarri · Mar 16, 2025
diff --git a/src/curve/arithmetic.rs b/src/curve/arithmetic.rs
@@ -24,7 +24,10 @@ use ::{ecdsa::SigningKey, elliptic_curve::SecretKey};
 
 use crate::{
     params::SchemeParams,
-    tools::{hashing::Chain, BoxedRng, Secret},
+    tools::{
+        hashing::{Chain, Hashable},
+        Secret, BoxedRng
+    },
     uint::BoxedEncoding,
 };
 
@@ -44,13 +47,13 @@ where
     let order = Crv::ORDER;
     let limbs = order.as_ref();
     for limb in limbs {
-        digest = digest.chain(&limb.0.to_le_bytes());
+        digest = digest.chain_bytes(&limb.0.to_le_bytes());
     }
 
     let generator_bytes = <Crv as CurveArithmetic>::ProjectivePoint::generator()
         .to_affine()
         .to_encoded_point(true);
-    digest.chain::<&[u8]>(&generator_bytes.as_bytes())
+    digest.chain_bytes(&generator_bytes.as_bytes())
 }
 
 type BackendScalar<P> = <<P as SchemeParams>::Curve as CurveArithmetic>::Scalar;
@@ -287,6 +290,15 @@ where
     }
 }
 
+impl<P: SchemeParams> Hashable for Point<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"Point").chain_serializable(self)
+    }
+}
+
 impl<'a, P> TryFrom<&'a [u8]> for Point<P>
 where
     P: SchemeParams,

diff --git a/src/entities/full.rs b/src/entities/full.rs
@@ -16,7 +16,10 @@ use crate::{
         PublicKeyPaillier, PublicKeyPaillierWire, RPParams, RPParamsWire, SecretKeyPaillier, SecretKeyPaillierWire,
     },
     params::SchemeParams,
-    tools::Secret,
+    tools::{
+        hashing::{Chain, Hashable},
+        Secret,
+    },
 };
 
 /// The result of the KeyInit protocol.
@@ -134,6 +137,19 @@ where
     pub(crate) public_share_changes: SerializableMap<I, Point<P>>, // `X_k^* - X_k == \sum_j X_j^k`, for all nodes
 }
 
+impl<P, I> Hashable for PublicAuxInfos<P, I>
+where
+    P: SchemeParams,
+    I: PartyId,
+{
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"PublicAuxInfos").chain_serializable(self)
+    }
+}
+
 impl<P, I> PublicAuxInfos<P, I>
 where
     P: SchemeParams,
@@ -173,6 +189,15 @@ where
     }
 }
 
+impl<P: SchemeParams, I: PartyId> Hashable for PublicKeyShares<P, I> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"PublicKeyShares").chain_serializable(self)
+    }
+}
+
 impl<P, I> KeyShare<P, I>
 where
     P: SchemeParams,

diff --git a/src/entities/internal.rs b/src/entities/internal.rs
@@ -5,7 +5,7 @@ use serde::{Deserialize, Serialize};
 
 use crate::{
     params::{chain_scheme_params, SchemeParams},
-    tools::hashing::{Chain, HashOutput, Hasher},
+    tools::hashing::{Chain, HashOutput, Hashable, Hasher},
 };
 
 /// The session identifier (see Remark 4.1 in the paper).
@@ -18,8 +18,17 @@ impl Sid {
     pub fn new<P: SchemeParams, Id: PartyId>(shared_randomness: &[u8], ids: &BTreeSet<Id>) -> Self {
         let digest = Hasher::<P::Digest>::new_with_dst(b"SID");
         let digest = chain_scheme_params::<P, _>(digest);
-        let digest = digest.chain(&shared_randomness).chain(&ids);
+        let digest = digest.chain_bytes(&shared_randomness).chain(&ids);
 
         Self(digest.finalize(P::SECURITY_BITS))
     }
 }
+
+impl Hashable for Sid {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"Sid").chain_serializable(self)
+    }
+}
diff --git a/src/paillier/encryption.rs b/src/paillier/encryption.rs
@@ -16,7 +16,10 @@ use super::{
     params::PaillierParams,
 };
 use crate::{
-    tools::Secret,
+    tools::{
+        hashing::{Chain, Hashable},
+        Secret,
+    },
     uint::{Exponentiable, Extendable, PublicSigned, PublicUint, SecretSigned, SecretUnsigned, ToMontgomery},
 };
 
@@ -73,6 +76,15 @@ pub(crate) struct CiphertextWire<P: PaillierParams> {
     phantom: PhantomData<P>,
 }
 
+impl<P: PaillierParams> Hashable for CiphertextWire<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"CiphertextWire").chain_serializable(self)
+    }
+}
+
 impl<P: PaillierParams> CiphertextWire<P> {
     pub fn to_precomputed(&self, pk: &PublicKeyPaillier<P>) -> Ciphertext<P> {
         Ciphertext {
@@ -89,6 +101,15 @@ pub(crate) struct Ciphertext<P: PaillierParams> {
     ciphertext: <P::WideUint as Integer>::Monty,
 }
 
+impl<P: PaillierParams> Hashable for Ciphertext<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain(&self.to_wire())
+    }
+}
+
 impl<P: PaillierParams> Ciphertext<P> {
     pub fn public_key(&self) -> &PublicKeyPaillier<P> {
         &self.pk

diff --git a/src/paillier/keys.rs b/src/paillier/keys.rs
@@ -15,7 +15,10 @@ use super::{
     rsa::{PublicModulus, PublicModulusWire, SecretPrimes, SecretPrimesWire},
 };
 use crate::{
-    tools::Secret,
+    tools::{
+        hashing::{Chain, Hashable},
+        Secret,
+    },
     uint::{Extendable, MulWide, PublicSigned, SecretSigned, SecretUnsigned, ToMontgomery},
 };
 
@@ -320,6 +323,15 @@ impl<P: PaillierParams> PublicKeyPaillierWire<P> {
     }
 }
 
+impl<P: PaillierParams> Hashable for PublicKeyPaillierWire<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"PublicKeyPaillierWire").chain_serializable(self)
+    }
+}
+
 #[derive(Debug, Clone)]
 pub(crate) struct PublicKeyPaillier<P: PaillierParams> {
     modulus: PublicModulus<P>,
@@ -409,6 +421,15 @@ impl<P: PaillierParams> PartialEq for PublicKeyPaillier<P> {
 
 impl<P: PaillierParams> Eq for PublicKeyPaillier<P> {}
 
+impl<P: PaillierParams> Hashable for PublicKeyPaillier<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain(self.as_wire())
+    }
+}
+
 #[cfg(test)]
 mod tests {
     use rand::SeedableRng;

diff --git a/src/paillier/ring_pedersen.rs b/src/paillier/ring_pedersen.rs
@@ -10,7 +10,10 @@ use super::{
     PaillierParams,
 };
 use crate::{
-    tools::Secret,
+    tools::{
+        hashing::{Chain, Hashable},
+        Secret,
+    },
     uint::{Exponentiable, PublicUint, SecretUnsigned, ToMontgomery},
 };
 
@@ -157,6 +160,15 @@ impl<P: PaillierParams> RPParams<P> {
     }
 }
 
+impl<P: PaillierParams> Hashable for RPParams<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain(&self.to_wire())
+    }
+}
+
 /// Minimal public ring-Pedersen parameters suitable for serialization and transmission.
 #[derive(Debug, Clone, Serialize, Deserialize)]
 #[serde(bound(serialize = "PublicModulusWire<P>: Serialize"))]
@@ -188,6 +200,15 @@ impl<P: PaillierParams> RPParamsWire<P> {
     }
 }
 
+impl<P: PaillierParams> Hashable for RPParamsWire<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"RPParamsWire").chain_serializable(self)
+    }
+}
+
 #[derive(PartialEq, Eq)]
 pub(crate) struct RPCommitment<P: PaillierParams>(<P::Uint as Integer>::Monty);
 
@@ -220,3 +241,12 @@ impl<P: PaillierParams> RPCommitmentWire<P> {
         RPCommitment(self.0.to_montgomery(params.monty_params_mod_n()))
     }
 }
+
+impl<P: PaillierParams> Hashable for RPCommitmentWire<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"RPCommitmentWire").chain_serializable(self)
+    }
+}
diff --git a/src/paillier/rsa.rs b/src/paillier/rsa.rs
@@ -9,7 +9,10 @@ use serde::{Deserialize, Serialize};
 
 use super::params::PaillierParams;
 use crate::{
-    tools::Secret,
+    tools::{
+        hashing::{Chain, Hashable},
+        Secret,
+    },
     uint::{
         Extendable, FromXofReader, IsInvertible, MulWide, PublicSigned, PublicUint, SecretSigned, SecretUnsigned,
         ToMontgomery,
@@ -243,6 +246,15 @@ impl<P: PaillierParams> PublicModulusWire<P> {
     }
 }
 
+impl<P: PaillierParams> Hashable for PublicModulusWire<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"PublicModulusWire").chain_serializable(self)
+    }
+}
+
 #[derive(Debug, Clone)]
 pub(crate) struct PublicModulus<P: PaillierParams> {
     /// The base RSA modulus $N$.
@@ -322,3 +334,12 @@ impl<P: PaillierParams> PublicModulus<P> {
             .square()
     }
 }
+
+impl<P: PaillierParams> Hashable for PublicModulus<P> {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain(&self.modulus)
+    }
+}
diff --git a/src/protocols/aux_gen.rs b/src/protocols/aux_gen.rs
@@ -298,9 +298,10 @@ impl<P: SchemeParams> PublicData<P> {
     pub(super) fn hash<Id: PartyId>(&self, sid: &Sid, id: &Id) -> HashOutput {
         Hasher::<P::Digest>::new_with_dst(b"KeyInit")
             .chain(sid)
-            .chain(id)
-            .chain(&self.paillier_pk.clone().into_wire())
-            .chain(&self.rp_params.to_wire())
+            .chain_bytes("Id")
+            .chain_serializable(id)
+            .chain(&self.paillier_pk)
+            .chain(&self.rp_params)
             .chain(&self.psi)
             .chain(&self.rid)
             .chain(&self.u)

diff --git a/src/protocols/interactive_signing.rs b/src/protocols/interactive_signing.rs
@@ -252,7 +252,7 @@ impl Epid {
         let digest = Hasher::<P::Digest>::new_with_dst(b"EPID");
         let digest = chain_scheme_params::<P, _>(digest);
         let digest = digest
-            .chain(&shared_randomness)
+            .chain_bytes(&shared_randomness)
             .chain(&associated_data.shares)
             .chain(&associated_data.aux);
 

diff --git a/src/protocols/key_init.rs b/src/protocols/key_init.rs
@@ -209,7 +209,7 @@ where
     pub(super) fn hash<Id: Serialize>(&self, sid: &Sid, id: &Id) -> HashOutput {
         Hasher::<P::Digest>::new_with_dst(b"KeyInit")
             .chain(sid)
-            .chain(id)
+            .chain_serializable(id)
             .chain(&self.cap_x)
             .chain(&self.cap_a)
             .chain(&self.rho)

diff --git a/src/protocols/key_refresh.rs b/src/protocols/key_refresh.rs
@@ -368,7 +368,7 @@ impl<P: SchemeParams, Id: PartyId> ProtocolError<Id> for KeyRefreshError<P, Id>
                 let mut reader = Hasher::<P::Digest>::new_with_dst(b"KeyRefresh Round3")
                     .chain(&sid)
                     .chain(&rid)
-                    .chain(guilty_party)
+                    .chain_serializable(guilty_party)
                     .chain(&(cap_y_ji * y))
                     .finalize_to_reader();
                 let rho = Scalar::from_xof_reader(&mut reader);
@@ -456,12 +456,12 @@ impl<P: SchemeParams, Id: PartyId> PublicData<P, Id> {
     pub(super) fn hash(&self, sid: &Sid, id: &Id) -> HashOutput {
         Hasher::<P::Digest>::new_with_dst(b"KeyInit")
             .chain(sid)
-            .chain(id)
+            .chain_serializable(id)
             .chain(&self.cap_xs)
             .chain(&self.cap_ys)
             .chain(&self.cap_as)
-            .chain(&self.paillier_pk.clone().into_wire())
-            .chain(&self.rp_params.to_wire())
+            .chain(&self.paillier_pk)
+            .chain(&self.rp_params)
             .chain(&self.psi)
             .chain(&self.rid)
             .chain(&self.u)

diff --git a/src/tools/bitvec.rs b/src/tools/bitvec.rs
@@ -6,6 +6,8 @@ use rand_core::CryptoRngCore;
 use serde::{Deserialize, Serialize};
 use serde_encoded_bytes::{Base64, SliceLike};
 
+use super::hashing::{Chain, Hashable};
+
 #[derive(Serialize, Deserialize)]
 struct PackedBitVec {
     bits: u32,
@@ -96,3 +98,12 @@ impl BitXorAssign<&BitVec> for BitVec {
         }
     }
 }
+
+impl Hashable for BitVec {
+    fn chain<C>(&self, chain: C) -> C
+    where
+        C: Chain,
+    {
+        chain.chain_bytes(b"BitVec").chain_serializable(self)
+    }
+}