changeset 1559:18b3699be9db

BeDOZa: Use gmpy for large integers in zero-knowledge proof.
author Thomas P Jakobsen <tpj@cs.au.dk>
date Tue, 28 Sep 2010 15:14:06 +0200
parents 91f2daeb15a5
children 9d183f681a7c
files viff/bedoza/zero_knowledge.py viff/test/bedoza/test_zero_knowledge.py
diffstat 2 files changed, 23 insertions(+), 22 deletions(-) [+]
line wrap: on
line diff
--- a/viff/bedoza/zero_knowledge.py	Tue Sep 28 14:45:31 2010 +0200
+++ b/viff/bedoza/zero_knowledge.py	Tue Sep 28 15:14:06 2010 +0200
@@ -15,7 +15,8 @@
 # You should have received a copy of the GNU Lesser General Public
 # License along with VIFF. If not, see <http://www.gnu.org/licenses/>.
 
-import gmpy
+from gmpy import mpz, digits
+
 import hashlib
 
 from viff.runtime import gatherResults
@@ -90,7 +91,7 @@
         self._deserialize_proof(serialized_proof)
         self._generate_e()
         S = self._vec_mul(self.d, self._vec_pow_E(self.c))
-        T = [self.paillier.encrypt(self.Z[j], player_id=self.prover_id, random_elm=self.W[j])
+        T = [mpz(self.paillier.encrypt(int(self.Z[j]), player_id=self.prover_id, random_elm=int(self.W[j])))
              for j in range(self.m)]
         #print 'Z', len(self.Z)
         #print 'W', len(self.W)
@@ -117,9 +118,9 @@
             ui = rand_int_signed(self.random, 2**(2 * self.k))
             vi, di = self.paillier.encrypt_r(ui)
             assert abs(ui) <= 2**(2 * self.k)
-            self.u.append(ui)
-            self.v.append(vi)
-            self.d.append(di)
+            self.u.append(mpz(ui))
+            self.v.append(mpz(vi))
+            self.d.append(mpz(di))
         #print "Player", self.runtime.id, " d =", self.d
 
 
@@ -170,11 +171,11 @@
             return res
         no_of_chars = 1 + no_of_bits / word_size
         for c in string[:no_of_chars]:
-            digits = [int(v) for v in gmpy.digits(ord(c), 2).zfill(word_size)]
+            _digits = [int(v) for v in digits(ord(c), 2).zfill(word_size)]
             if len(res) + word_size >= no_of_bits:
-                return res + digits[:no_of_bits - len(res)]
-            res += digits
-        return res
+                return res + _digits[:no_of_bits - len(res)]
+            res += _digits
+        return [mpz(b) for b in res]
 
 
     def _generate_e(self):
@@ -242,11 +243,9 @@
         """Computes and returns the m := 2s-1 length vector y**E."""
         assert self.s == len(y), \
             "not same length: %d != %d" % (self.s, len(y))
-        #res = [self.Zn(1)] * self.m
-        # TODO: Should do all computations over some field.
-        res = [1] * self.m
+        res = [mpz(1)] * self.m
         for j in range(self.m):
             for i in range(self.s):
-                if self._E(j, i) == 1:
+                if self._E(j, i) == mpz(1):
                     res[j] *= y[i]
         return res
--- a/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 14:45:31 2010 +0200
+++ b/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 15:14:06 2010 +0200
@@ -19,6 +19,8 @@
 # We don't need secure random numbers for test purposes.
 from random import Random
 
+from gmpy import mpz
+
 from viff.field import GF
 from viff.bedoza.modified_paillier import ModifiedPaillier
 from viff.bedoza.zero_knowledge import ZKProof
@@ -50,23 +52,23 @@
                     self.assertEquals(0, zk._E(j, i))
 
     def test_vec_pow_is_correct(self):
-        s, prover_id, k, Zn = 5, 1, 0, GF(17)
+        s, prover_id, k = 5, 1, 0
         c = [None] * s
-        y = [Zn(i) for i in range(1, 6)]
+        y = [mpz(i) for i in range(1, 6)]
         zk = ZKProof(s, prover_id, k, RuntimeStub(), c)
         zk.e = [1, 0, 1, 1, 0]
         y_pow_E = zk._vec_pow_E(y)
-        self.assertEquals([Zn(v) for v in [1, 2, 3, 8, 13, 12, 3, 5, 1]],
+        self.assertEquals([mpz(v) for v in [1, 2, 3, 8, 30, 12, 20, 5, 1]],
                           y_pow_E)
 
     def test_vec_pow_is_correct_2(self):
-        s, k, Zn, prover_id = 3, 0, GF(17), 1
+        s, k, prover_id = 3, 0, 1
         c = [None] * s
-        y = [Zn(i) for i in [1, 7, 2]]
+        y = [mpz(i) for i in [1, 7, 2]]
         zk = ZKProof(s, prover_id, k, RuntimeStub(), c)
         zk.e = [0, 1, 1]
         y_pow_E = zk._vec_pow_E(y)
-        self.assertEquals([Zn(v) for v in [1, 1, 7, 14, 2]], y_pow_E)
+        self.assertEquals([mpz(v) for v in [1, 1, 7, 14, 2]], y_pow_E)
 
     def test_vec_mul_E_is_correct(self):
         s, prover_id, k, Zn = 5, 1, 0, GF(17)
@@ -150,9 +152,9 @@
         for i in range(s):
             x = rand_int_signed(random, 2**k)
             r, c = paillier.encrypt_r(x, player_id=prover_id)
-            xs.append(x)
-            rs.append(r)
-            cs.append(c)
+            xs.append(mpz(x))
+            rs.append(mpz(r))
+            cs.append(mpz(c))
         return xs, rs, cs
 
     @protocol