viff

changeset 1559:18b3699be9db

BeDOZa: Use gmpy for large integers in zero-knowledge proof.
author Thomas P Jakobsen <tpj@cs.au.dk>
date Tue, 28 Sep 2010 15:14:06 +0200
parents 91f2daeb15a5
children 9d183f681a7c
files viff/bedoza/zero_knowledge.py viff/test/bedoza/test_zero_knowledge.py
diffstat 2 files changed, 23 insertions(+), 22 deletions(-) [+]
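--- a/viff/bedoza/zero_knowledge.py	Tue Sep 28 14:45:31 2010 +0200
+++ b/viff/bedoza/zero_knowledge.py	Tue Sep 28 15:14:06 2010 +0200
@@ -15,7 +15,8 @@
 # You should have received a copy of the GNU Lesser General Public
 # License along with VIFF. If not, see <http://www.gnu.org/licenses/>.
 
-import gmpy
+from gmpy import mpz, digits
+
 import hashlib
 
 from viff.runtime import gatherResults
@@ -90,7 +91,7 @@
         self._deserialize_proof(serialized_proof)
         self._generate_e()
         S = self._vec_mul(self.d, self._vec_pow_E(self.c))
-        T = [self.paillier.encrypt(self.Z[j], player_id=self.prover_id, random_elm=self.W[j])
+        T = [mpz(self.paillier.encrypt(int(self.Z[j]), player_id=self.prover_id, random_elm=int(self.W[j])))
              for j in range(self.m)]
         #print 'Z', len(self.Z)
         #print 'W', len(self.W)
@@ -117,9 +118,9 @@
             ui = rand_int_signed(self.random, 2**(2 * self.k))
             vi, di = self.paillier.encrypt_r(ui)
             assert abs(ui) <= 2**(2 * self.k)
-            self.u.append(ui)
-            self.v.append(vi)
-            self.d.append(di)
+            self.u.append(mpz(ui))
+            self.v.append(mpz(vi))
+            self.d.append(mpz(di))
         #print "Player", self.runtime.id, " d =", self.d
 
 
@@ -170,11 +171,11 @@
             return res
         no_of_chars = 1 + no_of_bits / word_size
         for c in string[:no_of_chars]:
-            digits = [int(v) for v in gmpy.digits(ord(c), 2).zfill(word_size)]
+            _digits = [int(v) for v in digits(ord(c), 2).zfill(word_size)]
             if len(res) + word_size >= no_of_bits:
-                return res + digits[:no_of_bits - len(res)]
-            res += digits
-        return res
+                return res + _digits[:no_of_bits - len(res)]
+            res += _digits
+        return [mpz(b) for b in res]
 
 
     def _generate_e(self):
@@ -242,11 +243,9 @@
         """Computes and returns the m := 2s-1 length vector y**E."""
         assert self.s == len(y), \
             "not same length: %d != %d" % (self.s, len(y))
-        #res = [self.Zn(1)] * self.m
-        # TODO: Should do all computations over some field.
-        res = [1] * self.m
+        res = [mpz(1)] * self.m
         for j in range(self.m):
             for i in range(self.s):
-                if self._E(j, i) == 1:
+                if self._E(j, i) == mpz(1):
                     res[j] *= y[i]
         return res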
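Review bot: The bit-list helper patched in the `@@ -170,11 +171,11 @@` hunk now returns two different element types: only the fall-through `return [mpz(b) for b in res]` converts, while the early exit inside the loop, `return res + _digits[:no_of_bits - len(res)]`, still hands back plain Python ints, as does the `return res` at the top of the hunk. A caller that expects every bit to be an `mpz` would therefore get converted values only when the loop runs to completion. Converting at the early exit as well, `return [mpz(b) for b in res + _digits[:no_of_bits - len(res)]]`, keeps the result uniform. The function's signature and opening lines are outside the hunk, so the condition guarding the first `return res` is not visible here.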
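--- a/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 14:45:31 2010 +0200
+++ b/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 15:14:06 2010 +0200
@@ -19,6 +19,8 @@
 # We don't need secure random numbers for test purposes.
 from random import Random
 
+from gmpy import mpz
+
 from viff.field import GF
 from viff.bedoza.modified_paillier import ModifiedPaillier
 from viff.bedoza.zero_knowledge import ZKProof
@@ -50,23 +52,23 @@
                     self.assertEquals(0, zk._E(j, i))
 
     def test_vec_pow_is_correct(self):
-        s, prover_id, k, Zn = 5, 1, 0, GF(17)
+        s, prover_id, k = 5, 1, 0
         c = [None] * s
-        y = [Zn(i) for i in range(1, 6)]
+        y = [mpz(i) for i in range(1, 6)]
         zk = ZKProof(s, prover_id, k, RuntimeStub(), c)
         zk.e = [1, 0, 1, 1, 0]
         y_pow_E = zk._vec_pow_E(y)
-        self.assertEquals([Zn(v) for v in [1, 2, 3, 8, 13, 12, 3, 5, 1]],
+        self.assertEquals([mpz(v) for v in [1, 2, 3, 8, 30, 12, 20, 5, 1]],
                           y_pow_E)
 
     def test_vec_pow_is_correct_2(self):
-        s, k, Zn, prover_id = 3, 0, GF(17), 1
+        s, k, prover_id = 3, 0, 1
         c = [None] * s
-        y = [Zn(i) for i in [1, 7, 2]]
+        y = [mpz(i) for i in [1, 7, 2]]
         zk = ZKProof(s, prover_id, k, RuntimeStub(), c)
         zk.e = [0, 1, 1]
         y_pow_E = zk._vec_pow_E(y)
-        self.assertEquals([Zn(v) for v in [1, 1, 7, 14, 2]], y_pow_E)
+        self.assertEquals([mpz(v) for v in [1, 1, 7, 14, 2]], y_pow_E)
 
     def test_vec_mul_E_is_correct(self):
         s, prover_id, k, Zn = 5, 1, 0, GF(17)
@@ -150,9 +152,9 @@
         for i in range(s):
             x = rand_int_signed(random, 2**k)
             r, c = paillier.encrypt_r(x, player_id=prover_id)
-            xs.append(x)
-            rs.append(r)
-            cs.append(c)
+            xs.append(mpz(x))
+            rs.append(mpz(r))
+            cs.append(mpz(c))
         return xs, rs, cs
 
     @protocol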
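Review bot: The updated expectations in `test_vec_pow_is_correct` and `test_vec_pow_is_correct_2` do not check that `_vec_pow_E` returns gmpy values, because `mpz(v)` should compare equal to the plain int `v`, so the lists match whether or not the conversion took place. If the vectors are meant to stay in gmpy form, an explicit type assertion would pin that, for example `self.assertTrue(all(type(v) is type(mpz(0)) for v in y_pow_E))`. The new expected values 30 and 20 (previously 13 and 3 in GF(17)) also record that the products are no longer reduced modulo anything. A short comment in the test, such as `# products are plain integers here, not reduced modulo a field`, would tell the next reader this is intended.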