Merge pull request #12 from Yubico/review-2024-04-03/deterministic-ke…

…ygen Add note about deterministic key generation
Yubico · Apr 9, 2024 · 4d11c02 · 4d11c02
2 parents 88db3e5 + 68a88bb
commit 4d11c02
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/draft-bradleylundberg-cfrg-arkg.md b/draft-bradleylundberg-cfrg-arkg.md
@@ -387,6 +387,22 @@ ARKG-Generate-Seed() -> (pk, sk)
     sk = (sk_kem, sk_bl)
 ~~~
 
+### Deterministic key generation
+
+Although the above definition expresses the key generation as opaque,
+likely sampling uniformly random key distributions,
+implementations MAY choose to implement the functions `BL-Generate-Keypair()`,
+`KEM-Generate-Keypair()` and `ARKG-Generate-Seed()`
+as deterministic functions of some out-of-band input.
+This can be thought of as defining a single-use ARKG instance where these function outputs are static.
+This use case is beyond the scope of this document
+since the implementation of `ARKG-Generate-Seed` is internal to the delegating party,
+even if applications choose to distribute the delegating party across multiple processing entities.
+
+For example, one entity may randomly sample `pk_bl`, derive `pk_kem` deterministically from `pk_bl`
+and submit only `pk_bl` to a separate service that uses the same procedure to also derive the same `pk_kem`.
+This document considers both of these entities as parts of the same logical delegating party.
+
 
 ## The function ARKG-Derive-Public-Key