示例#1
0
    def __init__(self, polynomial_list, chosen_candidate, G, com_pk):
        self.group = G
        self.com_pk = com_pk
        self.order = com_pk.order

        time_start_proof = time.process_time()
        chosen_candidate = Bn.from_num(chosen_candidate)
        random_to_eval = self.order.random()
        self.commitment_to_eval = com_pk.commit([chosen_candidate],
                                                random_to_eval)[0]

        value_eval = Bn.from_num(0)
        random_eval = Bn.from_num(0)
        commitment_eval = self.com_pk.commit([value_eval], random_eval)[0]

        self.proof = PolynomialProof(
            com_pk,
            polynomial_list,
            self.commitment_to_eval,
            commitment_eval,
            chosen_candidate,
            value_eval,
            random_to_eval,
            random_eval,
        )

        time_end_proof = time.process_time()

        self.time_proof = time_end_proof - time_start_proof
示例#2
0
    def verify(self, polynomial_list):

        value_eval = Bn.from_num(0)
        random_eval = Bn.from_num(0)
        commitment_eval = self.com_pk.commit([value_eval], random_eval)[0]

        time_start_verify = time.process_time()
        self.proof.verify(self.com_pk, polynomial_list,
                          self.commitment_to_eval, commitment_eval)
        time_end_verify = time.process_time()

        self.time_verify = time_end_verify - time_start_verify
示例#3
0
    def __init__(self, com_pk, commitment, product, A, randomizers):
        self.order = com_pk.group.order()
        self.m = len(A)
        self.n = len(A[0])

        # Maybe here we have a calculation which slows down the running time
        product_rows_A = [
            modular_prod([Bn.from_num(a[i]) for a in A], self.order)
            for i in range(self.n)
        ]
        self.commitment_products, randomizer_commitment_products = com_pk.commit(
            product_rows_A)

        self.hadamard = HadamardProductArgument(
            com_pk,
            commitment,
            self.commitment_products,
            A,
            randomizers,
            randomizer_commitment_products,
        )

        self.single_value = SingleValueProdArg(
            com_pk,
            self.commitment_products,
            product,
            product_rows_A,
            randomizer_commitment_products,
        )
    def __init__(
        self,
        kp_tally,
        pk_vote,
        added_token,
        reencrypted_vote,
        randomizer,
        number_dummies,
    ):
        # Security parameters
        self.sec_param = 256
        self.bn_two = Bn.from_num(2)
        self.hash_reduction = self.bn_two.pow(self.sec_param)

        self.pk_tally = kp_tally.pk
        self.sk_tally = kp_tally.sk
        self.group_tally = self.pk_tally.group
        self.generator_tally = self.group_tally.generator()
        self.order_tally = self.group_tally.order()

        self.pk_vote = pk_vote
        self.group_vote = self.pk_vote.group
        self.generator_vote = self.pk_vote.generator
        self.order_vote = self.group_vote.order()

        self.token = added_token
        self.reencrypted_vote = reencrypted_vote
        self.nr_candidates = self.reencrypted_vote.length
        self.randomizer = randomizer
        self.number_dummies = number_dummies

        self.hiding_sk = None
        self.hiding_randomizer = None
    def __init__(self, kp_tally, pk_vote, token, vote, reencrypted_vote,
                 randomizer):
        # Security parameters
        self.sec_param = 256
        self.bn_two = Bn.from_num(2)
        self.hash_reduction = self.bn_two.pow(self.sec_param)

        # Public key used for tokens
        self.pk_tally = kp_tally.pk
        self.sk_tally = kp_tally.sk
        self.group_tally = self.pk_tally.group
        self.generator_tally = self.group_tally.generator()
        self.order_tally = self.group_tally.order()

        # Public key used for votes
        self.pk_vote = pk_vote
        self.group_vote = self.pk_vote.group
        self.generator_vote = self.group_vote.generator()
        self.order_vote = self.group_vote.order()

        self.token = token
        self.vote = vote
        self.nr_candidates = self.vote.length
        self.reencrypted_vote = reencrypted_vote
        self.randomizer = randomizer

        self.hiding_sk = None
        self.hiding_randomizer = None
示例#6
0
def election_setup(group, number_voters, security_param):
    order = group.order()
    counter_space = Bn.from_num(2).pow(security_param - 2)
    vids = []
    counter = []
    for i in range(number_voters):
        vids.append(order.random())
        index = counter_space + counter_space.random()
        counter.append(index)

    return vids, counter
    def __init__(self, commitments, responses, challenge=None):
        # Security parameters
        self.sec_param = 256
        self.bn_two = Bn.from_num(2)
        self.hash_reduction = self.bn_two.pow(self.sec_param)

        (
            self.commitment_pk,
            self.commitment_token,
            self.commitment_vote1,
            self.commitment_vote2,
        ) = commitments
        self.response_sk, self.response_randomizer = responses
        self.challenge = challenge
示例#8
0
def compute_challenge_poly(transcript, p):
    """
    Compute challenge given transcript
    """
    transcript = flatten(transcript)
    m = hashlib.sha512()
    for element in transcript:
        try:
            m.update(element.commitment.export())
        except AttributeError:
            try:
                m.update(hex(element.commitment).encode())
            except:
                m.update(element.commitment.hex().encode())

    hashed = m.hexdigest()

    return (Bn.from_hex(hashed)).mod(Bn.from_num(p))
示例#9
0
def compute_challenge(transcript, p):
    """Compute challenge given transcript

    TODO: return something of the right size, l_c bits in the paper.
    TODO: use proper unique encoding of elements
    """

    m = hashlib.sha512()
    for element in transcript:
        try:
            m.update(element.export())
        except AttributeError:
            try:
                m.update(hex(element).encode())
            except:
                m.update(hex(element.vid).encode())
                m.update(hex(element.index).encode())
                m.update(hex(element.tag).encode())
                m.update(hex(element.vote).encode())
    hashed = m.hexdigest()

    return (Bn.from_hex(hashed)).mod(Bn.from_num(p))
示例#10
0
    def __init__(self, com_pk, commitment, product, committed_values,
                 randomizer):
        self.n = len(committed_values)
        self.order = com_pk.group.order()

        self.sec_param_l_e = 160
        self.sec_param_l_s = 80
        self.bn_two = Bn.from_num(2)

        # Prepare announcement
        products = [committed_values[0]]
        for i in range(1, self.n):
            products.append(
                (products[i - 1] * committed_values[i]).mod(self.order))

        commitment_rand_one = self.order.random()
        commitment_rand_two = self.order.random()
        commitment_rand_three = self.order.random()

        d_randoms = [self.order.random() for _ in range(self.n)]

        delta_randoms = [self.order.random() for _ in range(self.n)]
        delta_randoms[0] = d_randoms[0]
        delta_randoms[-1] = 0

        value_to_commit_two = [
            -delta_randoms[i] * d_randoms[i + 1] for i in range(self.n - 1)
        ]
        value_to_commit_three = [
            delta_randoms[i + 1] - committed_values[i + 1] * delta_randoms[i] -
            products[i] * d_randoms[i + 1] for i in range(self.n - 1)
        ]

        self.announcement_one, _ = com_pk.commit(d_randoms,
                                                 commitment_rand_one)
        self.announcement_two, _ = com_pk.commit_reduced(
            value_to_commit_two, self.n - 1, commitment_rand_two)
        self.announcement_three, _ = com_pk.commit_reduced(
            value_to_commit_three, self.n - 1, commitment_rand_three)

        # Compute challenge [Verify validity of this]
        self.challenge = compute_challenge(
            [
                commitment,
                product,
                self.announcement_one,
                self.announcement_two,
                self.announcement_three,
            ],
            self.order,
        )

        # Compute response
        self.response_committed_values = [
            (self.challenge * committed_values[i] + d_randoms[i]).mod(
                self.order) for i in range(self.n)
        ]
        self.response_product = [
            (self.challenge * products[i] + delta_randoms[i]).mod(self.order)
            for i in range(self.n)
        ]

        self.response_randomizer = (self.challenge * randomizer +
                                    commitment_rand_one).mod(self.order)
        self.response_randomizer_commitments = (
            self.challenge * commitment_rand_three + commitment_rand_two).mod(
                self.order)
示例#11
0
    values_sum = values[0]
    if len(values) > 1:
        for i in values[1:]:
            values_sum = (values_sum + i).mod(modulo)
    return values_sum


if __name__ == "__main__":
    # import doctest
    #
    # doctest.testmod()
    G = EcGroup()
    com_pk = com.PublicKey(G, 3)
    order = com_pk.group.order()
    A = [
        [Bn.from_num(10), Bn.from_num(20),
         Bn.from_num(30)],
        [Bn.from_num(40), Bn.from_num(20),
         Bn.from_num(30)],
        [Bn.from_num(60), Bn.from_num(20),
         Bn.from_num(40)],
    ]
    for _ in range(10):
        A.extend(A)
        length_A = len(A)
        commits_rands_A = [com_pk.commit(a) for a in A]
        comm_A = [a[0] for a in commits_rands_A]
        random_comm_A = [a[1] for a in commits_rands_A]
        b = modular_prod(
            [
                modular_prod([Bn.from_num(A[i][j])
示例#12
0
            product *= i
    return product


if __name__ == "__main__":
    # import doctest
    #
    # doctest.testmod()
    G = EcGroup()
    com_pk = com.PublicKey(G, 3)
    key_pair = elgamal.KeyPair(G)
    pk = key_pair.pk
    ctxts = [pk.encrypt((i) * G.generator()) for i in range(9)]
    ctxts = [ctxts[i * 3:(i + 1) * 3] for i in range(3)]
    exponents = [2, 0, 1, 3, 5, 8, 6, 7, 4]
    exponents_Bn = [Bn.from_num(i) for i in exponents]
    exponents = [exponents_Bn[i * 3:(i + 1) * 3] for i in range(3)]
    randomizers = [G.order().random() for _ in range(3)]

    reencryption_randomization = G.order().random()
    product_ctxts = prod([
        MultiExponantiation.ctxt_weighted_sum(ctxts[i], exponents[i])
        for i in range(3)
    ])

    exponantiated_reencrypted_product = (
        pk.encrypt(G.infinite(), reencryption_randomization) * product_ctxts)

    commitment_permutation = [
        com_pk.commit(exponents[i], randomizers[i])[0] for i in range(3)
    ]
    def __init__(self, kp_tally, pk_vote, tokens, vote, max_tag=None):
        # Security parameters
        self.sec_param = 256
        self.bn_two = Bn.from_num(2)
        self.hash_reduction = self.bn_two.pow(self.sec_param)

        self.pk_tally = kp_tally.pk
        self.group_tally = self.pk_tally.group
        self.order_tally = self.group_tally.order()
        self.pk_vote = pk_vote
        self.tokens = tokens
        if max_tag:
            self.max_tag = max_tag
        else:
            self.max_tag = self.tokens[-1]
        self.dummy = self.max_tag.decrypt(
            kp_tally.sk) == 1 * kp_tally.group.generator()
        self.vote = vote
        self.number_candidates = self.vote.length
        self.number_dummies = len(tokens)

        last_token_decryption = self.tokens[-1].decrypt(kp_tally.sk)

        self.added_token = tokens[0]
        for token in tokens[1:]:
            self.added_token = self.added_token * token

        if type(self.vote) != VoteVector:
            raise ValueError("Expected vote type of VoteVector")
        # reencryption of vote
        randomizer_reencryption = self.order_tally.random()

        if self.dummy:
            self.reencrypted_vote = VoteVector([
                pk_vote.encrypt(0 * kp_tally.group.generator(),
                                randomizer_reencryption)
            ] * self.number_candidates)
        else:
            self.reencrypted_vote = pk_vote.reencrypt(vote,
                                                      randomizer_reencryption)

        # Prover for dummy
        prover_dummy = DummyVoterReencryptionProver(
            kp_tally,
            pk_vote,
            self.added_token,
            self.reencrypted_vote,
            randomizer_reencryption,
            self.number_dummies,
        )

        # Prover for real
        prover_real = RealVoterReencryptionProver(
            kp_tally,
            pk_vote,
            self.max_tag,
            vote,
            self.reencrypted_vote,
            randomizer_reencryption,
        )

        # If the voter is real
        if last_token_decryption == 0 * self.group_tally.generator():
            self.proof_dummy = prover_dummy.simulate()

            commitment_pk, commitment_token, commitment_vote1, commitment_vote2 = list(
                prover_real.commit())

            # Challenge big proof
            self.main_challenge = compute_challenge(
                [commitment_pk] + [commitment_token] +
                commitment_vote1.tolist() + commitment_vote2.tolist() +
                [self.proof_dummy.commitment_pk] +
                [self.proof_dummy.commitment_token] +
                self.proof_dummy.commitment_vote1.tolist() +
                self.proof_dummy.commitment_vote2.tolist() +
                self.vote.tolist() + self.added_token.tolist() +
                [self.pk_vote.pk] + [self.pk_tally.pk],
                self.hash_reduction,
            )

            self.true_challenge = self.main_challenge - self.proof_dummy.challenge
            self.proof_real = prover_real.create_proof(
                [
                    commitment_pk, commitment_token, commitment_vote1,
                    commitment_vote2
                ],
                self.true_challenge,
            )

        # If the voter is dummy
        else:
            self.proof_real = prover_real.simulate()

            commitment_pk, commitment_token, commitment_vote1, commitment_vote2 = list(
                prover_dummy.commit())

            # Challenge big proof
            self.main_challenge = compute_challenge(
                [self.proof_real.commitment_pk] +
                [self.proof_real.commitment_token] +
                self.proof_real.commitment_vote1.tolist() +
                self.proof_real.commitment_vote2.tolist() + [commitment_pk] +
                [commitment_token] + commitment_vote1.tolist() +
                commitment_vote2.tolist() + self.vote.tolist() +
                self.added_token.tolist() + [self.pk_vote.pk] +
                [self.pk_tally.pk],
                self.hash_reduction,
            )

            self.true_challenge = self.main_challenge - self.proof_real.challenge
            self.proof_dummy = prover_dummy.create_proof(
                [
                    commitment_pk, commitment_token, commitment_vote1,
                    commitment_vote2
                ],
                self.true_challenge,
            )