changeset 1556:698be97cc543

BeDOZa: Fixed bug in test case.
author Thomas P Jakobsen <tpj@cs.au.dk>
date Tue, 28 Sep 2010 11:57:48 +0200
parents 8c432745702b
children cc989536bad7
files viff/bedoza/zero_knowledge.py viff/test/bedoza/test_zero_knowledge.py
diffstat 2 files changed, 36 insertions(+), 20 deletions(-) [+]
--- a/viff/bedoza/zero_knowledge.py	Tue Sep 28 09:36:57 2010 +0200
+++ b/viff/bedoza/zero_knowledge.py	Tue Sep 28 11:57:48 2010 +0200
@@ -37,9 +37,12 @@
         """
         random: a random source (e.g. viff.util.Random)
 
-        All players must submit c, but only the player with id
-        prover_id should submit x and r.
+        All players must submit the same vector c, but only the player
+        with id prover_id should submit the corresponding x and r, e.g. where
+        c_i = E_i(x_i, r_i).
         """
+        assert len(c) == s
+        assert prover_id in runtime.players
         self.x = x
         self.r = r
         self.s = s
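Review bot: The two new `assert` statements at the top of the constructor validate protocol inputs, but asserts are stripped when Python runs with `-O`, so a ciphertext vector of the wrong length or an unknown prover id would then be accepted silently. Raising explicitly keeps the check in every mode, e.g. `if len(c) != s: raise ValueError("expected %d ciphertexts, got %d" % (s, len(c)))` and likewise for `prover_id`. The checks also run unconditionally: `test_generate_Z_and_W_is_correct`, visible as context in this commit, still calls `ZKProof(s, 1, Zn, 0, None, None)`. If the positional order matches the call in `test_proof`, that passes None for both runtime and c and would now fail on `len(c)`. The constructor's signature and the rest of its body are outside the hunk, so this should be confirmed against the full file.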
@@ -109,11 +112,14 @@
             self.u.append(ui)
             self.v.append(vi)
             self.d.append(di)
+        #print "Player", self.runtime.id, " d =", self.d
 
 
     def _generate_Z_and_W(self):
         self.Z = self._vec_add(self.u, self._vec_mul_E(self.x))
         self.W = self._vec_mul(self.v, self._vec_pow_E(self.r))
+        #print "Player", self.runtime.id, " Z =", self.Z
+        #print "Player", self.runtime.id, " W =", self.W
 
         #n = self.runtime.players[self.runtime.id].pubkey['n']
         #self.Z = [z % n for z in self.Z]
@@ -135,6 +141,10 @@
         self.d = proof[0]
         self.Z = proof[1]
         self.W = proof[2]
+        #print "Player", self.runtime.id, " Z =", self.Z
+        #print "Player", self.runtime.id, " W =", self.W
+        #print "Player", self.runtime.id, " d =", self.d
+
 
     def _extract_bits(self, string, no_of_bits):
         """Returns list of first no_of_bits from the given string."""
@@ -171,7 +181,7 @@
             h.update(repr(d))
         hash = h.digest()
         self.e = self._extract_bits(hash, self.s)
-
+        print "Player", self.runtime.id, " e =", self.e
 
     def _broadcast(self, values):
         msg = repr(values) if self.prover_id == self.runtime.id else None
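Review bot: The added `print "Player", self.runtime.id, " e =", self.e` is live, unlike the commented-out prints added in the three places above, so every player writes the challenge bits to stdout on each proof run from library code. Protocol values should not reach stdout unconditionally, because callers cannot turn it off and the output lands in whatever captures the process's stdout. Either drop the line before merging or route it through a debug-level logger, and delete the `#print` lines rather than leaving them as dead code. The method that computes `e` starts outside the hunk.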
--- a/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 09:36:57 2010 +0200
+++ b/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 11:57:48 2010 +0200
@@ -115,16 +115,6 @@
         zk._generate_e()
         self.assertEquals(e1, zk.e)
 
-    def _generate_test_ciphertexts(self, paillier, random, k, s):
-        xs, rs, cs = [], [], []
-        for i in range(s):
-            x = rand_int_signed(random, 2**k)
-            r, c = paillier.encrypt_r(x)
-            xs.append(x)
-            rs.append(r)
-            cs.append(c)
-        return xs, rs, cs
-
     def test_generate_Z_and_W_is_correct(self):
         s, Zn = 3, GF(17)
         zk = ZKProof(s, 1, Zn, 0, None, None)
@@ -137,17 +127,33 @@
         self.assertEquals([1, 0, -1, 3, -3], zk.Z)
         self.assertEquals([3, 5, 14, 14, 14], zk.W)
 
+
+    def _generate_test_ciphertexts(self, random, runtime, k, s, prover_id):
+        paillier = ModifiedPaillier(runtime, random)
+        xs, rs, cs = [], [], []
+        for i in range(s):
+            x = rand_int_signed(random, 2**k)
+            r, c = paillier.encrypt_r(x, player_id=prover_id)
+            xs.append(x)
+            rs.append(r)
+            cs.append(c)
+        return xs, rs, cs
+
     @protocol
     def test_proof(self, runtime):
-        k, s, random, Zn = 3, 3, Random(342344 + runtime.id), GF(17)
-        prover_id = 1
-
-        paillier = ModifiedPaillier(runtime, Random(random.getrandbits(128)))
-        x, r, c = self._generate_test_ciphertexts(paillier, random, k, s)
+        seed = 2348838
+        k, s, Zn, prover_id = 3, 3, GF(17), 1
+        player_random = Random(seed + runtime.id)
+        shared_random = Random(seed)
+        paillier = ModifiedPaillier(runtime, Random(player_random.getrandbits(128)))
+        x, r, c = self._generate_test_ciphertexts(shared_random, runtime, k, s, prover_id)
+        print "Player", runtime.id, " x =", x
+        print "Player", runtime.id, " r =", r
+        print "Player", runtime.id, " c =", c
         if runtime.id == prover_id: 
-            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=random, x=x, r=r)
+            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=player_random, x=x, r=r)
         else:
-            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=random)
+            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=player_random)
 
         deferred_proof = zk.start()
         return deferred_proof
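Review bot: `test_proof` returns `deferred_proof` without attaching a callback that asserts on the verifier's result, so from the visible lines it only shows that an honest run completes without error. A zero-knowledge proof test is most useful when it also pins the rejection path, for example a second test where the prover's `x` or `r` does not match the shared `c` and the proof is expected to fail. Whether `zk.start()` already errbacks on a failed verification is not visible here, so the positive case may need an explicit `deferred_proof.addCallback(...)` check as well. The three `print` lines for x, r and c are debugging output and should be removed, and the `paillier` built from `player_random` should be checked against the one created inside `_generate_test_ciphertexts` to confirm that two separate instances are intended.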