viff

changeset 1556:698be97cc543

BeDOZa: Fixed bug in test case.
author Thomas P Jakobsen <tpj@cs.au.dk>
date Tue, 28 Sep 2010 11:57:48 +0200
parents 8c432745702b
children cc989536bad7
files viff/bedoza/zero_knowledge.py viff/test/bedoza/test_zero_knowledge.py
diffstat 2 files changed, 36 insertions(+), 20 deletions(-) [+]
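--- a/viff/bedoza/zero_knowledge.py	Tue Sep 28 09:36:57 2010 +0200
+++ b/viff/bedoza/zero_knowledge.py	Tue Sep 28 11:57:48 2010 +0200
@@ -37,9 +37,12 @@
         """
         random: a random source (e.g. viff.util.Random)
 
-        All players must submit c, but only the player with id
-        prover_id should submit x and r.
+        All players must submit the same vector c, but only the player
+        with id prover_id should submit the corresponding x and r, e.g. where
+        c_i = E_i(x_i, r_i).
         """
+        assert len(c) == s
+        assert prover_id in runtime.players
         self.x = x
         self.r = r
         self.s = s
@@ -109,11 +112,14 @@
             self.u.append(ui)
             self.v.append(vi)
             self.d.append(di)
+        #print "Player", self.runtime.id, " d =", self.d
 
 
     def _generate_Z_and_W(self):
         self.Z = self._vec_add(self.u, self._vec_mul_E(self.x))
         self.W = self._vec_mul(self.v, self._vec_pow_E(self.r))
+        #print "Player", self.runtime.id, " Z =", self.Z
+        #print "Player", self.runtime.id, " W =", self.W
 
         #n = self.runtime.players[self.runtime.id].pubkey['n']
         #self.Z = [z % n for z in self.Z]
@@ -135,6 +141,10 @@
         self.d = proof[0]
         self.Z = proof[1]
         self.W = proof[2]
+        #print "Player", self.runtime.id, " Z =", self.Z
+        #print "Player", self.runtime.id, " W =", self.W
+        #print "Player", self.runtime.id, " d =", self.d
+
 
     def _extract_bits(self, string, no_of_bits):
         """Returns list of first no_of_bits from the given string."""
@@ -171,7 +181,7 @@
             h.update(repr(d))
         hash = h.digest()
         self.e = self._extract_bits(hash, self.s)
-
+        print "Player", self.runtime.id, " e =", self.e
 
     def _broadcast(self, values):
         msg = repr(values) if self.prover_id == self.runtime.id else None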
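--- a/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 09:36:57 2010 +0200
+++ b/viff/test/bedoza/test_zero_knowledge.py	Tue Sep 28 11:57:48 2010 +0200
@@ -115,16 +115,6 @@
         zk._generate_e()
         self.assertEquals(e1, zk.e)
 
-    def _generate_test_ciphertexts(self, paillier, random, k, s):
-        xs, rs, cs = [], [], []
-        for i in range(s):
-            x = rand_int_signed(random, 2**k)
-            r, c = paillier.encrypt_r(x)
-            xs.append(x)
-            rs.append(r)
-            cs.append(c)
-        return xs, rs, cs
-
     def test_generate_Z_and_W_is_correct(self):
         s, Zn = 3, GF(17)
         zk = ZKProof(s, 1, Zn, 0, None, None)
@@ -137,17 +127,33 @@
         self.assertEquals([1, 0, -1, 3, -3], zk.Z)
         self.assertEquals([3, 5, 14, 14, 14], zk.W)
 
+
+    def _generate_test_ciphertexts(self, random, runtime, k, s, prover_id):
+        paillier = ModifiedPaillier(runtime, random)
+        xs, rs, cs = [], [], []
+        for i in range(s):
+            x = rand_int_signed(random, 2**k)
+            r, c = paillier.encrypt_r(x, player_id=prover_id)
+            xs.append(x)
+            rs.append(r)
+            cs.append(c)
+        return xs, rs, cs
+
     @protocol
     def test_proof(self, runtime):
-        k, s, random, Zn = 3, 3, Random(342344 + runtime.id), GF(17)
-        prover_id = 1
-
-        paillier = ModifiedPaillier(runtime, Random(random.getrandbits(128)))
-        x, r, c = self._generate_test_ciphertexts(paillier, random, k, s)
+        seed = 2348838
+        k, s, Zn, prover_id = 3, 3, GF(17), 1
+        player_random = Random(seed + runtime.id)
+        shared_random = Random(seed)
+        paillier = ModifiedPaillier(runtime, Random(player_random.getrandbits(128)))
+        x, r, c = self._generate_test_ciphertexts(shared_random, runtime, k, s, prover_id)
+        print "Player", runtime.id, " x =", x
+        print "Player", runtime.id, " r =", r
+        print "Player", runtime.id, " c =", c
         if runtime.id == prover_id: 
-            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=random, x=x, r=r)
+            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=player_random, x=x, r=r)
         else:
-            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=random)
+            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=player_random)
 
         deferred_proof = zk.start()
         return deferred_proof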
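Review bot: The three `print` statements added to `test_proof` write x, r and c for every player on each run, and x and r are the prover's witness; they read as debugging leftovers and should be removed before commit. The fix itself depends on every player building `Random(seed)` identically so that `_generate_test_ciphertexts` yields the same c everywhere, and nothing records that; a comment such as `# shared_random must be seeded identically on all players so every player derives the same c` above the `shared_random` line would keep the seeding from being changed back by accident. The test still returns the deferred from `zk.start()` with no visible callback asserting the outcome, so it cannot be confirmed from this hunk that a rejected proof would fail the test.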