Fix bug in random generator. Correct a proof
This commit is contained in:
parent
bffc7a3a66
commit
c4f6c24469
@ -3,13 +3,14 @@ let p, q, pubKey, privKey;
|
|||||||
class PubKey {
|
class PubKey {
|
||||||
constructor(p, q) {
|
constructor(p, q) {
|
||||||
this.n = p * q;
|
this.n = p * q;
|
||||||
this.g = this.n + 1n;
|
// this.g = this.n + 1n;
|
||||||
}
|
}
|
||||||
|
|
||||||
encrypt(m) {
|
encrypt(m) {
|
||||||
// Compute g^m r^n mod n^2
|
// Compute g^m r^n mod n^2
|
||||||
let r = random2048();
|
let r = random2048();
|
||||||
|
|
||||||
|
// Resample to avoid modulo bias.
|
||||||
while (r >= this.n) {
|
while (r >= this.n) {
|
||||||
r = random2048();
|
r = random2048();
|
||||||
}
|
}
|
||||||
|
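Review bot: The rejection loop `while (r >= this.n)` has no termination guarantee when `this.n` is at or below the smallest value `random2048()` can return; if random2048 is the generate_bigint routine patched in the next hunk (the page does not show that), every sample is at least 2^2047 after `intRepr += 2n ** 2047n`, so a modulus below that bound spins forever, and for a larger modulus the loop only yields r in [2^2047, n) rather than a uniform element of Z_n as the new comment `// Resample to avoid modulo bias.` suggests. The sampler for r should draw from the full range [1, n) and also reject values not coprime to n, since Paillier requires r to be a unit modulo n; a comment such as `// r must be uniform in Z_n^* — sample from [1, n) and reject r with gcd(r, n) != 1` would document the contract the loop is meant to enforce. The encrypt method and the PubKey class continue past the hunk, so the exponentiation itself is not visible here.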
@ -21,8 +21,8 @@ function generate_bigint() {
|
|||||||
// Drop the MSB to force into range from above
|
// Drop the MSB to force into range from above
|
||||||
intRepr >>= 1n;
|
intRepr >>= 1n;
|
||||||
|
|
||||||
// Add 2^127 to force into range from below
|
// Add 2^2047 to force into range from below
|
||||||
intRepr += 2n ** 127n;
|
intRepr += 2n ** 2047n;
|
||||||
|
|
||||||
return intRepr;
|
return intRepr;
|
||||||
}
|
}
|
||||||
|
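Review bot: The corrected constant in `intRepr += 2n ** 2047n;` is repeated by hand in the comment `// Add 2^2047 to force into range from below`, the same comment/constant pairing that let the old `127` slip through; pulling the bit length into a named constant, e.g. `const BITS = 2048n;` and `intRepr += 2n ** (BITS - 1n);`, keeps the comment, the shift and the constant in step. The comment `// Drop the MSB to force into range from above` on `intRepr >>= 1n;` also misdescribes the operation, since a right shift discards the least-significant bit and shortens the value by one bit; `// Shift right one bit so the value has at most 2047 bits` says what actually happens. generate_bigint starts before this hunk, so how intRepr is filled is not visible here.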
Binary file not shown.
@ -37,8 +37,6 @@
|
|||||||
|
|
||||||
Risk is a strategy game developed by Albert Lamorisse in 1957. It is a highly competitive game, in which players battle for control over regions of a world map by stationing units within their territories in order to launch attacks on neighbouring territories that are not in their control.
|
Risk is a strategy game developed by Albert Lamorisse in 1957. It is a highly competitive game, in which players battle for control over regions of a world map by stationing units within their territories in order to launch attacks on neighbouring territories that are not in their control.
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
\section{Existing solutions}
|
\section{Existing solutions}
|
||||||
|
|
||||||
For playing games over an internet connection, multiple solutions already exist. These can roughly be broken down into those that are centralised and those that are decentralised, although many decentralised systems rely on federated or centralised communications for peer discovery.
|
For playing games over an internet connection, multiple solutions already exist. These can roughly be broken down into those that are centralised and those that are decentralised, although many decentralised systems rely on federated or centralised communications for peer discovery.
|
||||||
@ -286,7 +284,7 @@ The Paillier cryptosystem is otherwise generic over the choice of primes $p, q$.
|
|||||||
\end{proposition}
|
\end{proposition}
|
||||||
|
|
||||||
\begin{proof}
|
\begin{proof}
|
||||||
WLOG, assume $p > q$. Suppose $\gcd(pq, (p - 1)(q - 1)) \neq 1$. Then, $q - 1 \mid p$. However, the bit-lengths of $p, q$ are identical. So $\lfloor \frac{1}{2}p \rfloor < q$. This is a contradiction to $q - 1 \mid p$, and so $\gcd(pq, (p - 1)(q - 1)) = 1$ as required.
|
WLOG, assume $p > q$. Suppose $\gcd(pq, (p - 1)(q - 1)) \neq 1$. Then, $q \mid p - 1$. However, the bit-lengths of $p, q$ are identical. So $\frac{1}{2}(p - 1) < q$. This is a contradiction to $q \mid p - 1$ (as 2 is the smallest possible divisor), and so we must have $\gcd(pq, (p - 1)(q - 1)) = 1$ as required.
|
||||||
\end{proof}
|
\end{proof}
|
||||||
|
|
||||||
As the prime generation routine generates primes of equal length, this property is therefore guaranteed. The next optimisation is to select $g = 1 + n$.
|
As the prime generation routine generates primes of equal length, this property is therefore guaranteed. The next optimisation is to select $g = 1 + n$.
|
||||||
|