jude/Riskless
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

started working on another proof

Browse Source
This commit is contained in:
jude 2023-04-25 18:05:44 +01:00
parent 810382fc4f
commit 7591c84823
2 changed files with 61 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
static/js/modules/crypto/paillier.js
View File

@ -97,6 +97,20 @@ class Ciphertext {
} }
} }
mul(e) {
this.cipherText = mod_exp(this.cipherText, e, this.pubKey.n2);
this.r = mod_exp(this.r, e, this.pubKey.n2);
this.plainText = (this.plainText * e) % this.pubKey.n2;
// Force into range
while (this.cipherText < 0n) {
this.cipherText += this.pubKey.n2;
}
while (this.plainText < 0n) {
this.plainText += this.pubKey.n2;
}
}
toString() { toString() {
return "0x" + this.cipherText.toString(16); return "0x" + this.cipherText.toString(16);
} }
@ -202,6 +216,15 @@ export class ReadOnlyCiphertext {
} }
} }
mul(e) {
this.cipherText = mod_exp(this.cipherText, e, this.pubKey.n2);
// Force into range
while (this.cipherText < 0n) {
this.cipherText += this.pubKey.n2;
}
}
prove(plainText, a) { prove(plainText, a) {
return new ValueProofSessionVerifier(this, plainText, a); return new ValueProofSessionVerifier(this, plainText, a);
} }

38
static/js/modules/interface/proofs.js
View File

@ -1,5 +1,6 @@
import { cryptoRandom } from "../crypto/random_primes.js"; import { cryptoRandom } from "../crypto/random_primes.js";
import { Region } from "./map.js"; import { Region } from "./map.js";
import { mod_exp } from "../crypto/math.js";
function cryptoRange(upper) { function cryptoRange(upper) {
// This is ridiculous: why implement a BigInt primitive, have it behave like a number, and then _not_ offer // This is ridiculous: why implement a BigInt primitive, have it behave like a number, and then _not_ offer
@ -294,6 +295,43 @@ export function verifyRange(obj, key) {
window.verifyRange = verifyRange; window.verifyRange = verifyRange;
export function proveBitLength(cipherText) {
if (cipherText.readOnly) {
throw "Cannot prove readonly ciphertext";
}
let key = cipherText.pubKey;
// Compute decomposition
let bitCommitments = [];
let m = cipherText.plainText;
let prod = cipherText.clone();
let e = 1n;
while (m !== 0n) {
let bit = m & 0b1n;
let cBit = key.encrypt(-bit);
bitCommitments.push(cBit);
let cBit2 = cBit.clone();
cBit2.mul(e);
prod.update(cBit2);
e <<= 1n;
m >>= 1n;
}
// TODO finish this
return {
bitCommitments: bitCommitments,
bitProof: prod.proveNI(),
};
}
window.proveBitLength = proveBitLength;
/** /**
* - We prove that the set contains |S| - 2 zeros, with the final pair summing to zero and sums with the original * - We prove that the set contains |S| - 2 zeros, with the final pair summing to zero and sums with the original
* set are zero. * set are zero.