Fix the neff shuffle #189

lbarman opened this issue May 14, 2018 · 1 comment

lbarman commented May 14, 2018

https://github.com/dedis/kyber/blob/master/shuffle/shuffle_test.go

lbarman commented Jun 12, 2018

This first needs the kyber v2 library to be published on gopkg.in (the commented-out imports below); until then the snippet uses the github.com/dedis/kyber master paths. Example program courtesy of Alejandro:

package main

import (
	"encoding/hex"
	"fmt"
	"github.com/dedis/kyber"
	"github.com/dedis/kyber/proof"
	"github.com/dedis/kyber/shuffle"
	"github.com/dedis/kyber/suites"
	"github.com/lbarman/prifi/prifi-lib/crypto"
	//"gopkg.in/dedis/kyber.v2"
	//"gopkg.in/dedis/kyber.v2/suites"
	//"gopkg.in/dedis/kyber.v2/proof/dleq"
)

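// main demonstrates a Neff shuffle over ElGamal-encrypted client public keys
// using kyber's shuffle and proof packages: it encrypts k client public keys
// under the ElGamal public key H, shuffles the ciphertext pairs N times, and
// produces and checks a non-interactive proof of each shuffle.
//
// The program takes no arguments. It panics if proving or verifying a
// shuffle fails.
func main() {
	suite := suites.MustFind("Ed25519")
	rng := suite.RandomStream()

	const (
		k = 5  // number of client keys per shuffle
		N = 10 // number of shuffle/verify rounds
	)

	// ElGamal key pair: H is the public key the client keys are encrypted
	// under. The private scalar h is not needed by the shuffle or its proof
	// (both only take H), so it is discarded explicitly instead of being
	// printed to stdout just to satisfy the unused-variable check — writing a
	// private key to the console is a habit worth avoiding even in a demo.
	H, h := crypto.NewKeyPair()
	_ = h

	c := make([]kyber.Scalar, k) // client private keys
	C := make([]kyber.Point, k)  // client public keys
	for i := 0; i < k; i++ {
		C[i], c[i] = crypto.NewKeyPair()
	}

	// ElGamal-encrypt each client public key under H with a fresh blinding
	// factor r: (X, Y) = (g^r, H^r * C).
	X := make([]kyber.Point, k)
	Y := make([]kyber.Point, k)
	for i := 0; i < k; i++ {
		r := suite.Scalar().Pick(rng)
		X[i] = suite.Point().Mul(r, nil) // g^r (nil selects the base point)
		Y[i] = suite.Point().Mul(r, H)   // H^r, the ElGamal blinding factor
		Y[i].Add(Y[i], C[i])             // H^r * C, the encrypted client key
	}

	for round := 0; round < N; round++ {
		// Shuffle and re-randomize the ciphertext pairs; prover drives the
		// PairShuffle proof for that permutation.
		Xbar, Ybar, prover := shuffle.Shuffle(suite, nil, H, X, Y, rng)
		prf, err := proof.HashProve(suite, "PairShuffle", prover)
		if err != nil {
			panic("Shuffle proof failed: " + err.Error())
		}
		fmt.Printf("proof:\n%s\n", hex.Dump(prf))

		// Verify the proof against the original inputs and shuffled outputs.
		// NOTE: X and Y are not replaced by Xbar and Ybar, so every round
		// shuffles the same original ciphertexts rather than chaining them.
		verifier := shuffle.Verifier(suite, nil, H, X, Y, Xbar, Ybar)
		if err := proof.HashVerify(suite, "PairShuffle", verifier, prf); err != nil {
			panic("Shuffle verify failed: " + err.Error())
		}
	}
}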

@lbarman lbarman closed this as completed Jun 12, 2018
@lbarman lbarman reopened this Jun 12, 2018