jude/Riskless
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed stuff

Browse Source
This commit is contained in:
jude
2023-04-13 13:32:29 +01:00
parent 1d9ab1d601
commit b7150d6547
5 changed files with 69 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
static/js/modules/crypto/paillier.js
View File

@ -1,24 +1,45 @@
import { cryptoRandom, generate_prime } from "./random_primes.js";
import { cryptoRandom, generate_prime, KEY_SIZE } from "./random_primes.js";
import { gcd, mod_exp } from "./math.js";
const PAILLIER = 0;
const JURIK = 1;
class Ciphertext {
constructor(key, plainText, r) {
if (r === undefined) {
r = cryptoRandom(2048);
// Use the optimised form using Jacobi classes
r = cryptoRandom();
// Compute g^m by binomial theorem.
let gm = (1n + key.n * plainText) % key.n2;
// Compute g^m h^r.
this.cipherText = (gm * mod_exp(key.hn, r, key.n2)) % key.n2;
// Force into range.
while (this.cipherText < 0n) {
this.cipherText += key.n2;
}
this.mode = JURIK;
this.r = mod_exp(key.h, r, key.n);
} else {
// Use the standard form
// Compute g^m by binomial theorem.
let gm = (1n + key.n * plainText) % key.n2;
// Compute g^m r^n.
this.cipherText = (gm * mod_exp(r, key.n, key.n2)) % key.n2;
// Force into range.
while (this.cipherText < 0n) {
this.cipherText += key.n2;
}
this.mode = PAILLIER;
this.r = r;
}
// Compute g^m by binomial theorem.
let gm = (1n + key.n * plainText) % key.n2;
// Compute g^m h^r.
this.cipherText = (gm * mod_exp(key.hn, r, key.n2)) % key.n2;
// Force into range.
while (this.cipherText < 0n) {
this.cipherText += key.n2;
}
this.r = r;
this.pubKey = key;
this.plainText = plainText;
@ -46,9 +67,9 @@ class Ciphertext {
// Construct a non-interactive proof
proveNI() {
let rp = cryptoRandom(4096);
let rp = cryptoRandom(KEY_SIZE * 2);
while (rp >= this.pubKey.n) {
rp = cryptoRandom(4096);
rp = cryptoRandom(KEY_SIZE * 2);
}
let a = mod_exp(rp, this.pubKey.n, this.pubKey.n2);
@ -92,9 +113,9 @@ class ValueProofSessionProver {
constructor(cipherText) {
this.cipherText = cipherText;
this.rp = cryptoRandom(4096);
this.rp = cryptoRandom(KEY_SIZE * 2);
while (this.rp >= this.cipherText.pubKey.n) {
this.rp = cryptoRandom(4096);
this.rp = cryptoRandom(KEY_SIZE * 2);
}
}
@ -168,7 +189,7 @@ class ValueProofSessionVerifier {
if (challenge === undefined) {
// Shift the challenge down by 1 to ensure it is smaller than either prime factor.
this.challenge = cryptoRandom(2048) << 1n;
this.challenge = cryptoRandom(KEY_SIZE) << 1n;
} else {
this.challenge = challenge;
}
@ -205,10 +226,9 @@ export class PaillierPubKey {
this.n = n;
if (h === undefined) {
let x = cryptoRandom(4096);
let x = cryptoRandom(KEY_SIZE * 2);
while (x >= this.n) {
x = cryptoRandom(4096);
x = cryptoRandom(KEY_SIZE * 2);
}
this.h = ((-1n * x ** 2n) % this.n) + this.n;

6
static/js/modules/crypto/random_primes.js
View File

@ -1,8 +1,10 @@
import { mod_exp } from "./math.js";
export const KEY_SIZE = 512;
export function cryptoRandom(bits) {
if (bits === undefined) {
bits = 2048;
bits = KEY_SIZE;
}
let length = bits / 64;
@ -29,7 +31,7 @@ function generate_bigint() {
intRepr >>= 1n;
// Add 2^2047 to force into range from below
intRepr += 2n ** 2047n;
intRepr += 2n ** BigInt(KEY_SIZE - 1);
return intRepr;
}

6
static/js/modules/interface/proofs.js
View File

@ -1,4 +1,8 @@
// Fisher-Yates shuffle
/**
* CSPRNG Fisher-Yates shuffle.
*
* Only works on lists up to 255 elements.
*/
function cryptoShuffle(l) {
for (let i = l.length - 1; i > 0; i--) {
let value = new Uint8Array([0]);