Use a mask for BLS aggregation and improve caching

[Stebalien]

Design:

1. Include all public keys present in the power table in the BDN mask.
2. Only select the relevant ones (via the bitmask) when aggregating signatures.
3. Pre-compute the terms used in public key aggregation, making it much faster (it's a simple summation).
4. Partially pre-compute the coefficients used in signature aggregation. It's slightly faster (can avoid some hashing) but not that much faster because we still need to compute the terms (multiply the coefficients by the signatures being aggregated).

There are three commits here and this PR should be merged by rebase, not squash.

1. The first commit switches from drand's kyber fork back to dedis.
2. The second imports the BDN and GNARK modules, along with the following dedis PRs:
   1. Optimize BDN Signature/Key Aggregation dedis/kyber#546
   2. Add gnark as bls-12-381 backend dedis/kyber#551
   3. Use the group-specific scalar type when hashing in BDN dedis/kyber#553
3. The final commit actually makes use of the caching mask.

The code imported in commit 2 should be (nearly) identical to the code in the bdn and gnark packages in https://github.com/Stebalien/kyber/tree/f3.

fixes #592

[Stebalien]

The interface changes. Basically:

1. You call Verifier.Aggregate(allPublicKeys).
2. Then you call either Aggregate (name clash) or VerifyAggregate on the resulting Aggregate (naming?).

[Stebalien]

IMO, punt till later (probably not much worse than fetching the committee under the lock).

[Stebalien]

This is ready for review although still WIP until the upstream changes (drand/kyber#61) land. Reviews there would also be helpful (only look at the last two commits, everything else is from a previous PR).

[codecov]

Codecov Report

Attention: Patch coverage is 58.80452% with 255 lines in your changes missing coverage. Please review.

Project coverage is 76.90%. Comparing base (d392bbf) to head (f5af3ff).
Report is 3 commits behind head on main.

Files with missing lines	Patch %	Lines
internal/bls/gnark/gt.go	7.69%	47 Missing and 1 partial ⚠️
internal/bls/gnark/scalar.go	21.05%	45 Missing ⚠️
internal/bls/gnark/g1.go	44.15%	42 Missing and 1 partial ⚠️
internal/bls/gnark/g2.go	51.94%	36 Missing and 1 partial ⚠️
internal/bls/bdn/bdn.go	75.55%	10 Missing and 12 partials ⚠️
internal/bls/gnark/suite.go	47.61%	21 Missing and 1 partial ⚠️
emulator/signing.go	47.82%	9 Missing and 3 partials ⚠️
blssig/aggregation.go	68.96%	6 Missing and 3 partials ⚠️
internal/bls/bdn/mask.go	96.00%	2 Missing and 2 partials ⚠️
internal/bls/gnark/adapter.go	66.66%	4 Missing ⚠️
... and 4 more

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #604      +/-   ##
==========================================
- Coverage   79.47%   76.90%   -2.58%     
==========================================
  Files          55       64       +9     
  Lines        4907     5451     +544     
==========================================
+ Hits         3900     4192     +292     
- Misses        631      857     +226     
- Partials      376      402      +26     

Files with missing lines	Coverage Δ
blssig/signer.go	77.77% <100.00%> (ø)
blssig/verifier.go	68.00% <100.00%> (-4.55%)	⬇️
emulator/host.go	79.10% <100.00%> (+0.31%)	⬆️
emulator/instance.go	95.74% <100.00%> (+1.23%)	⬆️
gpbft/gpbft.go	88.05% <100.00%> (-0.04%)	⬇️
gpbft/powertable.go	85.07% <100.00%> (+0.57%)	⬆️
gpbft/participant.go	87.85% <75.00%> (+0.63%)	⬆️
certs/certs.go	93.82% <71.42%> (-1.11%)	⬇️
host.go	70.19% <75.00%> (-0.35%)	⬇️
internal/bls/bdn/mask.go	96.00% <96.00%> (ø)
... and 10 more

... and 3 files with indirect coverage changes

[masih]

although still WIP until the upstream changes

Woops; sorry for PR title change noise.

[Kubuxu]

Approach SGWM

[Stebalien]

Ok, waiting on dedis/kyber#546 now.

[Kubuxu]

We could just popcount but doens't matter.

[Stebalien]

I'll make a PR upstream.

[Stebalien]

Hm. Later. I have too many stacked.

[Stebalien]

Merged by rebase to preserve the three separate commits.