viff

changeset 1554:bef695aa76bf

BeDOZa: Fixed zero-knowledge proof.
author Thomas P Jakobsen <tpj@cs.au.dk>
date Mon, 27 Sep 2010 14:54:16 +0200
parents 3105692a258f
children 8c432745702b
files viff/bedoza/zero_knowledge.py viff/test/bedoza/test_zero_knowledge.py
diffstat 2 files changed, 27 insertions(+), 23 deletions(-) [+]
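--- a/viff/bedoza/zero_knowledge.py
+++ b/viff/bedoza/zero_knowledge.py
@@ -83,23 +83,20 @@
             #print 'x', len(self.x)
             #print 'e', len(self.e)
             #print 'u', len(self.u)
-            return
+            return True # TODO
         self._deserialize_proof(serialized_proof)
         self._generate_e()
-        q = self._vec_mul(self.d, self._vec_pow_E(self.c))
-        
-
-
+        S = self._vec_mul(self.d, self._vec_pow_E(self.c))
+        T = [self.paillier.encrypt(self.Z[j], player_id=self.prover_id, random_elm=self.W[j]) for j in range(self.m)]
         #print 'Z', len(self.Z)
         #print 'W', len(self.W)
         
-
         for j in xrange(self.m):
-            pass
-            #print
-            #print '---'
-            #print self.runtime.id,  self.paillier.encrypt_with_randomness(self.Z[j], self.W[j])[1]
-            #print self.runtime.id, q[j]
+            n = self.runtime.players[self.prover_id].pubkey['n']
+            print
+            print '---'
+            print self.runtime.id, j, S[j] % n
+            print self.runtime.id, j, T[j] % n
 
             # TODO: Verify!
 
@@ -113,9 +110,13 @@
             self.v.append(vi)
             self.d.append(di)
 
+
     def _generate_Z_and_W(self):
         self.Z = self._vec_add(self.u, self._vec_mul_E(self.x))
         self.W = self._vec_mul(self.v, self._vec_pow_E(self.r))
+
+        #n = self.runtime.players[self.runtime.id].pubkey['n']
+        #self.Z = [z % n for z in self.Z]
         
     def _get_proof_broadcasted_by_prover(self):
         serialized_proof = None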
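Review bot: The verification loop in the first hunk still never rejects a proof: `S[j]` and `T[j]` are computed but only printed, `# TODO: Verify!` remains, and the early branch now does `return True # TODO`, so as far as this hunk shows a malformed proof is not distinguished from a valid one. The prints should become a check such as `if S[j] != T[j]: return False` (both sides reduced to the ciphertext modulus), with a single `return True` after the loop. The debug output reduces both values modulo `n`; for a Paillier-style ciphertext the plaintext is normally carried in the residue modulo n squared, so a comparison modulo `n` would presumably not bind `Z[j]` at all, which should be confirmed against ModifiedPaillier before that reduction is reused for the real check. The method starts and ends outside the hunk, so the condition guarding the early return and the final return value are not visible here.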
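--- a/viff/test/bedoza/test_zero_knowledge.py
+++ b/viff/test/bedoza/test_zero_knowledge.py
@@ -86,17 +86,6 @@
         runtime.schedule_callback(res, verify)
         return res
 
-    @protocol
-    def test_proof(self, runtime):
-        k, s, random, Zn = 5, 5, Random(342344), GF(17)
-
-        paillier = ModifiedPaillier(runtime, Random(random.getrandbits(128)))
-        x, r, c = self._generate_test_ciphertexts(paillier, random, k, s)
-        zk = ZKProof(s, 1, Zn, k, runtime, c, paillier=paillier, random=random, x=x, r=r)
-        zk.e = [1, 0, 0, 1, 1]
-        deferred_proof = zk.start()
-        return deferred_proof
-
     def test_extract_bits(self):
         s = 5
         zk = ZKProof(s, None, None, 0, None, None)
@@ -147,7 +136,21 @@
         zk._generate_Z_and_W()
         self.assertEquals([1, 0, -1, 3, -3], zk.Z)
         self.assertEquals([3, 5, 14, 14, 14], zk.W)
-            
+
+    @protocol
+    def test_proof(self, runtime):
+        k, s, random, Zn = 3, 3, Random(342344 + runtime.id), GF(17)
+        prover_id = 1
+
+        paillier = ModifiedPaillier(runtime, Random(random.getrandbits(128)))
+        x, r, c = self._generate_test_ciphertexts(paillier, random, k, s)
+        if runtime.id == prover_id: 
+            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=random, x=x, r=r)
+        else:
+            zk = ZKProof(s, prover_id, Zn, k, runtime, c, paillier=paillier, random=random)
+
+        deferred_proof = zk.start()
+        return deferred_proof
 
 # TODO: Test succeeding proof.
 # TODO: Test failing proof.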
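Review bot: The re-added `test_proof` returns `deferred_proof` without asserting anything about its result, so it passes whenever `zk.start()` does not raise, and the trailing TODOs show there is still no case where a proof is expected to fail. If the deferred fires with the verification outcome (not visible in this hunk), add `runtime.schedule_callback(deferred_proof, self.assertTrue)` before the return, following the `runtime.schedule_callback(res, verify)` pattern used earlier in the file. A companion test in which the verifiers must reject a proof that does not match the ciphertexts `c` is what would actually guard soundness once the check in zero_knowledge.py is implemented.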