1.1 --- a/viff/bedoza/share.py	Mon Oct 04 10:27:01 2010 +0200
     1.2 +++ b/viff/bedoza/share.py	Mon Oct 04 10:58:23 2010 +0200
     1.3 @@ -21,11 +21,19 @@
     1.4  from viff.bedoza.util import _convolute
     1.5  
     1.6  def generate_partial_share_contents(field_elements, runtime, paillier):
     1.7 -    """Each party input a list of field elements *field_elements*.
     1.8 -    The value of the field elements are encrypted and the encrypted
     1.9 -    values are exchanged.
    1.10 +    """Protocol for generating partial shares.
    1.11  
    1.12 -    Returns a deferred, which yields a list of PartialShareContents.  
    1.13 +    This protocol corresponds to the "Share" protocol in the document
    1.14 +    "A new On- and Off-line Phase for MPC".
    1.15 +
    1.16 +    Each party inputs a list of field elements *field_elements*. The
    1.17 +    values of the field elements are encrypted, the encrypted values
    1.18 +    are exchanged, and for each player, a zero-knowledge proof is
    1.19 +    carried out, proving that each player knows the plaintexts
    1.20 +    corresponding to the ciphertexts, he broadcasts, and that the
    1.21 +    plaintexts are of limited size.
    1.22 +
    1.23 +    Returns a deferred, which yields a list of PartialShareContents.
    1.24      """
    1.25      
    1.26      runtime.increment_pc()

     2.1 --- a/viff/bedoza/zero_knowledge.py	Mon Oct 04 10:27:01 2010 +0200
     2.2 +++ b/viff/bedoza/zero_knowledge.py	Mon Oct 04 10:58:23 2010 +0200
     2.3 @@ -23,12 +23,13 @@
     2.4  from viff.bedoza.util import rand_int_signed
     2.5  
     2.6  class ZKProof(object):
     2.7 -    """Protocol proving that a player's plaintexts are of limited size.
     2.8 -    
     2.9 -    This is a zero-knowledge protocol in which player with prover_id
    2.10 -    inputs s ciphertexts c[i] = E(x[j], r[j]), i = 1, ..., s, created
    2.11 -    using the modified Paillier cipher and proves to the other players
    2.12 -    that the x[i]'s are of limited size, e.g. that abs(x[i]) <= 2**k.
    2.13 +    """Zero-knowledge protocol used as part of the Share protocol.
    2.14 +
    2.15 +    In this proof, a player (the player with id prover_id) inputs s
    2.16 +    ciphertexts c[i] = E(x[j], r[j]), for i = 1, ..., s, created using
    2.17 +    the modified Paillier cipher and proves to the other players that
    2.18 +    he knows the plaintexts x[j] and that the x[i]'s are of limited
    2.19 +    size, e.g. that abs(x[i]) <= 2**k.
    2.20      """
    2.21      
    2.22      def __init__(self, s, prover_id, k, runtime, c, random=None, paillier=None, x=None, r=None):