def test_correctly_retrieves_third_index(self):
r_theta = 2
s_theta = 3
theta = 5
g1 = Vector([2, 3, 4])
g2 = Vector([1, 1, 1])
commitment = Commitment(r_theta, s_theta, theta, g1, g2)
output = commitment.calculate()
self.assertEqual(output[2], commitment[2])
def test_correctly_calculates_and_stores_value(self):
r_theta = 2
s_theta = 3
theta = 5
g1 = Vector([2, 3, 4])
g2 = Vector([1, 1, 1])
commitment = Commitment(r_theta, s_theta, theta, g1, g2)
element1 = g1.elements[0]**r_theta
element2 = g2.elements[1]**s_theta
element3 = theta * (g1[2]**r_theta) * (g2[2]**s_theta)
self.assertEqual(commitment.value,
Vector([element1, element2, element3]))
def sign(self, params: PublicParams, private_key: PrivateKey, message: str,
outsourced_signature: OutsourcedSignature) -> Signature:
T2 = outsourced_signature.T2_dash * private_key.h
T1 = outsourced_signature.C_T1_dash.theta
theta = params.hi[self.s - self.t]
equality_term1 = pair(T1, outsourced_signature.Hs)
equality_term2 = pair(params.u, theta)
equality_term3 = pair(T2, params.vi[params.n - self.s + self.t])
if equality_term1 != equality_term2 * equality_term3:
raise EqualityDoesNotHold
g_3_m = self.calculate_g3_m_vector(params.g3, message)
t1, t2, t_theta = self.group.random(), self.group.random(), self.group.random()
C_T1 = outsourced_signature.C_T1_dash.calculate().dot(g_3_m.exp(t1))
C_T2 = outsourced_signature.C_T2_dash.calculate().dot(
Vector([1, 1, private_key.h])).dot(
g_3_m.exp(t2)
)
C_theta = outsourced_signature.C_theta_dash.calculate().dot(g_3_m.exp(t_theta))
pi_1 = outsourced_signature.pi_1_dash.dot(
Vector([
outsourced_signature.g_r,
outsourced_signature.g_s,
(outsourced_signature.Hs ** t1) *
(1 / (params.u ** t_theta)) *
(1 / (params.vi[params.n - self.s + self.t] ** t2))
])
)
pi_2 = outsourced_signature.pi_2_dash.dot(Vector([1, 1, (params.g ** t_theta)]))
return Signature(C_T1=C_T1, C_T2=C_T2, C_theta=C_theta, pi_1=pi_1, pi_2=pi_2)
def setup(self, attribute_universe: list, n: int) -> (PublicParams, MasterSecretKey):
# Let g, h be two generators of G.
g, h = self.group.random(G1), self.group.random(G1)
alpha, beta, gamma = self.group.random(ZR), self.group.random(ZR), self.group.random(ZR)
u = g ** beta
vi = [g ** (alpha / (gamma ** i)) for i in range(n + 1)]
hi = [h ** (alpha * (gamma ** i)) for i in range(n + 1)]
generator1 = self.group.random(G1)
generator2 = self.group.random(G2)
g1 = Vector([generator1, self.identity_element, g])
g2 = Vector([self.identity_element, generator2, g])
g3 = []
for i in range(self.k + 1):
xi1, xi2 = self.group.random(ZR), self.group.random(ZR)
g3.append(Vector([generator1 ** xi1, generator2 ** xi2, g ** (xi1 + xi2)]))
return (PublicParams(attribute_universe=attribute_universe,
n=n, g=g, h=h, u=u, vi=vi, hi=hi, g1=g1, g2=g2, g3=g3),
MasterSecretKey(alpha=alpha, beta=beta, gamma=gamma))
def sign_out(self, params: PublicParams, osk: OutsourcingKey,
threshold_policy: ThresholdPolicy) -> OutsourcedSignature:
s = len(threshold_policy.policy)
t = threshold_policy.threshold
common_attributes = [at for at in threshold_policy.policy if at in osk.hashed_attributes]
if len(common_attributes) < t:
raise NotEnoughMatchingAttributes
# Find some set of size t of common attributes
common_attributes = common_attributes[:t]
T1 = aggregate(list(common_attributes), osk.g1[:t])
if T1 == -1: # -1 is the error symbol of Aggregate
raise AggregateFailed
remaining_attributes = [at for at in threshold_policy.policy if at not in common_attributes]
T2_b_coefficients = get_polynomial_coefficients(remaining_attributes)
T2_b_coefficients.append(1)
T2_dash = osk.h2
for i in range(s - t):
T2_dash *= osk.h1[i + params.n - s + t - 1] ** T2_b_coefficients[i]
Hs = calculate_Hs_polynomial(threshold_policy.policy, params.hi)
equality_term1 = pair(T1, Hs)
equality_term2 = pair(params.u * osk.g2, params.hi[s - t])
equality_term3 = pair(T2_dash, params.vi[params.n - s + t])
if equality_term1 != equality_term2 * equality_term3:
raise EqualityDoesNotHold
r1, s1, r2, s2 = self.group.random(ZR), self.group.random(ZR), self.group.random(ZR), self.group.random(ZR)
r_theta, s_theta = self.group.random(ZR), self.group.random(ZR)
C_T1_dash = Commitment(r1, s1, T1, params.g1, params.g2)
C_T2_dash = Commitment(r2, s2, T2_dash, params.g1, params.g2)
pi_1_dash_1 = (Hs ** r1) * ((params.u * osk.g2) ** -r_theta) * (params.vi[params.n - s + t] ** -r2)
pi_1_dash_2 = (Hs ** s1) * ((params.u * osk.g2) ** -s_theta) * (params.vi[params.n - s + t] ** -s2)
pi_1_dash = Vector([pi_1_dash_1, pi_1_dash_2, self.identity_element])
pi_2_dash = Vector([params.g ** r_theta, params.g ** s_theta, 1])
g_r = osk.g2 ** r_theta
g_s = osk.g2 ** s_theta
C_theta_dash = Commitment(r_theta, s_theta, params.hi[s - t], params.g1, params.g2)
return OutsourcedSignature(
C_T1_dash=C_T1_dash,
C_T2_dash=C_T2_dash,
C_theta_dash=C_theta_dash,
pi_1_dash=pi_1_dash,
pi_2_dash=pi_2_dash,
T2_dash=T2_dash,
Hs=Hs,
g_r=g_r,
g_s=g_s
)
def calculate(self) -> Vector:
return Vector([
self.g1[0]**self.r_theta, self.g2[1]**self.s_theta, self.theta *
(self.g1[2]**self.r_theta) * (self.g2[2]**self.s_theta)
])
def test_vector_dot_product(self):
vector1 = Vector([1, 2, 3])
vector2 = Vector([2, 3, 4])
dot_product = vector1.dot(vector2)
self.assertEqual(dot_product, Vector([2, 6, 12]))
def test_two_equal_vectors(self):
vector1 = Vector([1, 2, 3])
vector2 = Vector([1, 2, 3])
self.assertTrue(vector1 == vector2)
def test_vector_third_index_correctly_retrieved(self):
vector = Vector([1, 2, 3])
self.assertEqual(3, vector[2])
def test_vector_second_index_correctly_retrieved(self):
vector = Vector([1, 2, 3])
self.assertEqual(2, vector[1])
def test_vector_first_index_correctly_retrieved(self):
vector = Vector([1, 2, 3])
self.assertEqual(1, vector[0])