def prove(self, sk, x):
pi = [i for i in range(sk['n'])]
for i in range(sk['n']):
result = dotprod(1, -1, i + 1, lam_func, sk['u'], x)
pi[i] = sk['g1']**(sk['u_t'] * result)
result0 = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
pizero = sk['g1']**(sk['u_t'] * sk['u'][0] * result0)
y = self.F(sk, x)
return {'y': y, 'pi': pi, 'pi0': pizero}
def prove(self, sk, x):
pi = [i for i in range(sk['n'])]
for i in range(sk['n']):
result = dotprod(1, -1, i+1, lam_func, sk['u'], x)
pi[i] = sk['g1'] ** (sk['u_t'] * result)
result0 = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
pi_0 = sk['g1'] ** (sk['u_t'] * sk['u'][0] * result0)
y = self.F(sk, x)
return { 'y':y, 'pi':pi, 'pi0':pi_0 }
def prove(self, sk, x):
pi = {} # [i for i in range(sk['n'])]
for i in range(0, sk['n']):
dotProd0 = dotprod(1, -1, i + 1, lam_func, sk['u'], x)
pi[i + 1] = sk['g1']**(sk['u_t'] * dotProd0)
dotProd1 = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
pi[0] = sk['g1']**(sk['u_t'] * sk['u'][0] * dotProd1)
y = self.F(sk, x)
return {'y': y, 'pi': pi} #, 'pi0':pi_0 }
def prove(self, sk, x):
pi = [i for i in range(sk['n'])]
for i in range(sk['n']):
x = [group.init(ZR, long(j)) for j in x]
result = dotprod(1, -1, i + 1, lam_func, sk['u'], x)
pi[i] = sk['g1']**(sk['u_t'] * result)
result0 = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
pi_0 = sk['g1']**(sk['u_t'] * sk['u'][0] * result0)
y = self.F(sk, x)
return {'y': y, 'pi': pi, 'pi0': pi_0}
def prove(self, sk, x):
pi = {} # [i for i in range(sk['n'])]
for i in range(0, sk['n']):
x = [group.init(ZR, long(j)) for j in x]
dotProd0 = dotprod(1, -1, i+1, lam_func, sk['u'], x)
pi[i+1] = sk['g1'] ** (sk['u_t'] * dotProd0)
dotProd1 = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
pi[0] = sk['g1'] ** (sk['u_t'] * sk['u'][0] * dotProd1)
y = self.F(sk, x)
return { 'y':y, 'pi':pi } #, 'pi0':pi_0 }
def verify(self, mpk, ID, M, sig):
if debug:
print("Verify...")
k = waters.hash(ID)
m = waters.hash(M)
(S1, S2, S3) = sig["S1"], sig["S2"], sig["S3"]
A, g2 = mpk["A"], mpk["g2"]
comp1 = dotprod(1, -1, mpk["z"], lam_func, mpk["ub"], k)
comp2 = dotprod(1, -1, mpk["z"], lam_func, mpk["ub"], m)
lhs = pair(S1, g2) * pair(S2, mpk["u1b"] * comp1) * pair(S3, mpk["u2b"] * comp2)
# if ((pair(S1, g2) * pair(S2, mpk['u1b'] * comp1) * pair(S3, mpk['u2b'] * comp2)) == A):
if lhs == A:
return True
return False
def verify(self, mpk, ID, M, sig):
if debug: print("Verify...")
k = waters.hash(ID)
m = waters.hash(M)
(S1, S2, S3) = sig['S1'], sig['S2'], sig['S3']
A, g2 = mpk['A'], mpk['g2']
comp1 = dotprod(1, -1, mpk['z'], lam_func, mpk['ub'], k)
comp2 = dotprod(1, -1, mpk['z'], lam_func, mpk['ub'], m)
lhs = (pair(S1, g2) * pair(S2, mpk['u1b'] * comp1) *
pair(S3, mpk['u2b'] * comp2))
#if ((pair(S1, g2) * pair(S2, mpk['u1b'] * comp1) * pair(S3, mpk['u2b'] * comp2)) == A):
if lhs == A:
return True
return False
def batchV(self, SigmaList):
part1 = []
part2 = []
for index, item in enumerate(SigmaList):
[U, V], m, ring = item
part2.append(V)
lt = ''.join([bytes.decode(self.group.serialize(i)) for i in ring])
h = []
for u_i in U:
h.append(self.group.hash((m, lt, u_i), ZR))
lam_func = lambda i,a,b,c: a[i] + (b[i] * c[i])
part1.append(dotprod(1, -1, len(ring), lam_func, U, ring, h))
left = dotprod(1, -1, len(part1), lambda i, a: a[i], part1)
right = dotprod(1, -1, len(part2), lambda i, a: a[i], part2)
return (pair(left, self.mpk2) == pair(right, self.Q))
def verify(self,sigma, M, L):
Lt = ''.join([bytes.decode(self.group.serialize(i)) for i in L])
sign_num = len(L)
h = [1 for i in range(sign_num)]
for i in range(sign_num):
h[i] = self.group.hash((M, Lt, sigma[0][i]), ZR)
lam_func = lambda i,a,b,c: a[i] + (b[i] * c[i])
result = dotprod(1, -1, sign_num, lam_func, sigma[0], L, h)
return (pair(result, self.mpk2) == pair(sigma[1], self.Q))
def keygen(self, mpk, msk, ID):
if debug: print("Keygen alg...")
k = waters.hash(ID) # return list from k1,...,kz
if debug: print("k =>", k)
r = group.random(ZR)
k1 = msk * (
(mpk['u1t'] * dotprod(1, -1, mpk['z'], lam_func, mpk['u'], k))**r)
k2 = mpk['g1']**-r
return (k1, k2)
def keygen(self, mpk, msk, ID):
if debug:
print("Keygen alg...")
k = waters.hash(ID) # return list from k1,...,kz
if debug:
print("k =>", k)
r = group.random(ZR)
k1 = msk * ((mpk["u1t"] * dotprod(1, -1, mpk["z"], lam_func, mpk["u"], k)) ** r)
k2 = mpk["g1"] ** -r
return (k1, k2)
def sign(self, mpk, sk, M):
if debug: print("Sign alg...")
m = waters.hash(M) # return list from m1,...,mz
if debug: print("m =>", m)
(k1, k2) = sk
s = group.random(ZR)
S1 = k1 * (
(mpk['u2t'] * dotprod(1, -1, mpk['z'], lam_func, mpk['u'], m))**s)
S2 = k2
S3 = mpk['g1']**-s
return {'S1': S1, 'S2': S2, 'S3': S3}
def sign(self, mpk, sk, M):
if debug:
print("Sign alg...")
m = waters.hash(M) # return list from m1,...,mz
if debug:
print("m =>", m)
(k1, k2) = sk
s = group.random(ZR)
S1 = k1 * ((mpk["u2t"] * dotprod(1, -1, mpk["z"], lam_func, mpk["u"], m)) ** s)
S2 = k2
S3 = mpk["g1"] ** -s
return {"S1": S1, "S2": S2, "S3": S3}
def verify(self, mpk, L, M, sig):
u, S = sig['u'], sig['S']
Lt = self.concat(L)
num_signers = len(L)
h = [group.init(ZR, 1) for i in range(num_signers)]
for i in range(num_signers):
h[i] = H2(M, Lt, u[i])
pk = [ H1(i) for i in L] # get all signers pub keys
result = dotprod(1, -1, num_signers, lam_func, u, pk, h)
if pair(result, mpk['Pub']) == pair(S, mpk['g']):
return True
return False
def verify(self, mpk, L, M, sig):
u, S = sig["u"], sig["S"]
Lt = self.concat(L)
l = len(L)
h = [group.init(ZR, 1) for i in range(l)]
for i in range(l):
h[i] = H2(M, Lt, u[i])
pk = [H1(i) for i in L] # get all signers pub keys
result = dotprod(group.init(G1), -1, l, lam_func, u, pk, h)
if pair(result, mpk["Pub"]) == pair(S, mpk["g"]):
return True
return False
def verify(self, mpk, L, M, sig):
u, S = sig['u'], sig['S']
Lt = self.concat(L)
l = len(L)
h = [group.init(ZR, 1) for i in range(l)]
for i in range(l):
h[i] = H2(M, Lt, u[i])
pk = [H1(i) for i in L] # get all signers pub keys
result = dotprod(group.init(G1), -1, l, lam_func, u, pk, h)
if pair(result, mpk['Pub']) == pair(S, mpk['g']):
return True
return False
def ring_sign(self, M, L):
assert self.pk in L, "signer should be an element in L"
sign_num = len(L)
Lt = ''.join([bytes.decode(self.group.serialize(i)) for i in L])
u = [1 for i in range(sign_num)]
h = [self.group.init(ZR, 1) for i in range(sign_num)]
# sum_res = self.group.init(G1, 0)
for i in range(sign_num):
if L[i] != self.pk:
u[i] = self.group.random(G1)
h[i] = self.group.hash((M, Lt, u[i]), ZR)
else:
s = i
r = self.group.random(ZR)
# lam_func = lambda i,a,b,c: a[i] + b[i] * c[i]
lam_func = lambda i,a,b,c: a[i] + (b[i] * c[i])
u[s] = (self.pk * r) - dotprod(1, s, sign_num, lam_func, u, L, h)
h[s] = self.group.hash((M, Lt, u[s]), ZR)
v = self.sk * (h[s] + r)
return (u,v)
def sign(self, sk, L, M):
(IDs, IDpk, IDsk) = sk
assert IDs in L, "signer should be an element in L"
Lt = self.concat(L)
l = len(L)
u = [group.init(G1) for i in range(l)]
h = [group.init(ZR, 1) for i in range(l)]
for i in range(l):
if IDs != L[i]:
u[i] = group.random(G1)
h[i] = H2(M, Lt, u[i])
else:
s = i
r = group.random(ZR)
pk = [group.hash(i, G1) for i in L] # get all signers pub keys
u[s] = (IDpk**r) * ~dotprod(group.init(G1), s, l, lam_func, u, pk, h)
h[s] = group.hash((M, Lt, u[s]), ZR)
S = IDsk**(h[s] + r)
sig = {'u': u, 'S': S}
return sig
def sign(self, sk, L, M):
(IDs, IDpk, IDsk) = sk
assert IDs in L, "signer should be an element in L"
Lt = self.concat(L)
l = len(L)
u = [group.init(G1) for i in range(l)]
h = [group.init(ZR, 1) for i in range(l)]
for i in range(l):
if IDs != L[i]:
u[i] = group.random(G1)
h[i] = H2(M, Lt, u[i])
else:
s = i
r = group.random(ZR)
pk = [group.hash(i, G1) for i in L] # get all signers pub keys
u[s] = (IDpk ** r) * ~dotprod(group.init(G1), s, l, lam_func, u, pk, h)
h[s] = group.hash((M, Lt, u[s]), ZR)
S = IDsk ** (h[s] + r)
sig = {"u": u, "S": S}
return sig
def sign(self, sk, L, M):
(IDs, IDpk, IDsk) = sk
assert IDs in L, "signer should be an element in L"
Lt = self.concat(L)
num_signers = len(L)
u = [1 for i in range(num_signers)]
h = [group.init(ZR, 1) for i in range(num_signers)]
for i in range(num_signers):
if IDs != L[i]:
u[i] = group.random(G1)
h[i] = H2(M, Lt, u[i])
else:
s = i
r = group.random(ZR)
pk = [ H1(i) for i in L] # get all signers pub keys
u[s] = (IDpk ** r) * (dotprod(1, s, num_signers, lam_func, u, pk, h) ** long(-1))
h[s] = H2(M, Lt, u[s])
S = IDsk ** (h[s] + r)
sig = { 'u':u, 'S':S }
return sig
def sign(self, sk, L, M):
(IDs, IDpk, IDsk) = sk
assert IDs in L, "signer should be an element in L"
Lt = self.concat(L)
num_signers = len(L)
u = [1 for i in range(num_signers)]
h = [group.init(ZR, 1) for i in range(num_signers)]
for i in range(num_signers):
if IDs != L[i]:
u[i] = group.random(G1)
h[i] = H2(M, Lt, u[i])
else:
s = i
r = group.random(ZR)
pk = [H1(i) for i in L] # get all signers pub keys
u[s] = (IDpk**r) * (dotprod(1, s, num_signers, lam_func, u, pk, h)**-1)
h[s] = H2(M, Lt, u[s])
S = IDsk**(h[s] + r)
sig = {'u': u, 'S': S}
return sig
def F(self, sk, x):
result = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
return pair(sk['g1'] ** (sk['u_t'] * sk['u'][0] * result), sk['h'])
def F(self, sk, x):
result = dotprod(1, -1, sk['n'], lam_func, sk['u'], x)
return pair(sk['g1']**(sk['u_t'] * sk['u'][0] * result), sk['h'])