Fixed stuff
This commit is contained in:
jude
@ -1,24 +1,45 @@
|
||||
import { cryptoRandom, generate_prime } from "./random_primes.js";
|
||||
import { cryptoRandom, generate_prime, KEY_SIZE } from "./random_primes.js";
|
||||
import { gcd, mod_exp } from "./math.js";
|
||||
|
||||
const PAILLIER = 0;
|
||||
const JURIK = 1;
|
||||
|
||||
class Ciphertext {
|
||||
constructor(key, plainText, r) {
|
||||
if (r === undefined) {
|
||||
r = cryptoRandom(2048);
|
||||
// Use the optimised form using Jacobi classes
|
||||
r = cryptoRandom();
|
||||
|
||||
// Compute g^m by binomial theorem.
|
||||
let gm = (1n + key.n * plainText) % key.n2;
|
||||
|
||||
// Compute g^m h^r.
|
||||
this.cipherText = (gm * mod_exp(key.hn, r, key.n2)) % key.n2;
|
||||
|
||||
// Force into range.
|
||||
while (this.cipherText < 0n) {
|
||||
this.cipherText += key.n2;
|
||||
}
|
||||
|
||||
this.mode = JURIK;
|
||||
this.r = mod_exp(key.h, r, key.n);
|
||||
} else {
|
||||
// Use the standard form
|
||||
// Compute g^m by binomial theorem.
|
||||
let gm = (1n + key.n * plainText) % key.n2;
|
||||
|
||||
// Compute g^m r^n.
|
||||
this.cipherText = (gm * mod_exp(r, key.n, key.n2)) % key.n2;
|
||||
|
||||
// Force into range.
|
||||
while (this.cipherText < 0n) {
|
||||
this.cipherText += key.n2;
|
||||
}
|
||||
|
||||
this.mode = PAILLIER;
|
||||
this.r = r;
|
||||
}
|
||||
|
||||
// Compute g^m by binomial theorem.
|
||||
let gm = (1n + key.n * plainText) % key.n2;
|
||||
|
||||
// Compute g^m h^r.
|
||||
this.cipherText = (gm * mod_exp(key.hn, r, key.n2)) % key.n2;
|
||||
|
||||
// Force into range.
|
||||
while (this.cipherText < 0n) {
|
||||
this.cipherText += key.n2;
|
||||
}
|
||||
|
||||
this.r = r;
|
||||
this.pubKey = key;
|
||||
this.plainText = plainText;
|
||||
|
||||
@ -46,9 +67,9 @@ class Ciphertext {
|
||||
|
||||
// Construct a non-interactive proof
|
||||
proveNI() {
|
||||
let rp = cryptoRandom(4096);
|
||||
let rp = cryptoRandom(KEY_SIZE * 2);
|
||||
while (rp >= this.pubKey.n) {
|
||||
rp = cryptoRandom(4096);
|
||||
rp = cryptoRandom(KEY_SIZE * 2);
|
||||
}
|
||||
|
||||
let a = mod_exp(rp, this.pubKey.n, this.pubKey.n2);
|
||||
@ -92,9 +113,9 @@ class ValueProofSessionProver {
|
||||
constructor(cipherText) {
|
||||
this.cipherText = cipherText;
|
||||
|
||||
this.rp = cryptoRandom(4096);
|
||||
this.rp = cryptoRandom(KEY_SIZE * 2);
|
||||
while (this.rp >= this.cipherText.pubKey.n) {
|
||||
this.rp = cryptoRandom(4096);
|
||||
this.rp = cryptoRandom(KEY_SIZE * 2);
|
||||
}
|
||||
}
|
||||
|
||||
@ -168,7 +189,7 @@ class ValueProofSessionVerifier {
|
||||
|
||||
if (challenge === undefined) {
|
||||
// Shift the challenge down by 1 to ensure it is smaller than either prime factor.
|
||||
this.challenge = cryptoRandom(2048) << 1n;
|
||||
this.challenge = cryptoRandom(KEY_SIZE) << 1n;
|
||||
} else {
|
||||
this.challenge = challenge;
|
||||
}
|
||||
@ -205,10 +226,9 @@ export class PaillierPubKey {
|
||||
this.n = n;
|
||||
|
||||
if (h === undefined) {
|
||||
let x = cryptoRandom(4096);
|
||||
|
||||
let x = cryptoRandom(KEY_SIZE * 2);
|
||||
while (x >= this.n) {
|
||||
x = cryptoRandom(4096);
|
||||
x = cryptoRandom(KEY_SIZE * 2);
|
||||
}
|
||||
|
||||
this.h = ((-1n * x ** 2n) % this.n) + this.n;
|
||||
|
||||
@ -1,8 +1,10 @@
|
||||
import { mod_exp } from "./math.js";
|
||||
|
||||
export const KEY_SIZE = 512;
|
||||
|
||||
export function cryptoRandom(bits) {
|
||||
if (bits === undefined) {
|
||||
bits = 2048;
|
||||
bits = KEY_SIZE;
|
||||
}
|
||||
let length = bits / 64;
|
||||
|
||||
@ -29,7 +31,7 @@ function generate_bigint() {
|
||||
intRepr >>= 1n;
|
||||
|
||||
// Add 2^2047 to force into range from below
|
||||
intRepr += 2n ** 2047n;
|
||||
intRepr += 2n ** BigInt(KEY_SIZE - 1);
|
||||
|
||||
return intRepr;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user