tests/specific_trustee_key.py tests/trustee_keys.py @@ -210,6 +210,33 @@ class EGPublicKey: return {'y' : str(self.y), 'p' : str(self.p), 'g' : str(self.g) , 'q' : str(self.q)} toJSONDict = to_dict + + def __mul__(self,other): + if other == 0 or other == 1: + return self + + # check p and q + if self.p != other.p or self.q != other.q or self.g != other.g: + raise Exception("incompatible public keys") + + result = EGPublicKey() + result.p = self.p + result.q = self.q + result.g = self.g + result.y = (self.y * other.y) % result.p + return result + + def verify_sk_proof(self, dlog_proof, challenge_generator = None): + """ + verify the proof of knowledge of the secret key + g^response = commitment * y^challenge + """ + left_side = pow(self.g, dlog_proof.response, self.p) + right_side = (dlog_proof.commitment * pow(self.y, dlog_proof.challenge, self.p)) % self.p + + expected_challenge = challenge_generator(dlog_proof.commitment) % self.q + + return ((left_side == right_side) and (dlog_proof.challenge == expected_challenge)) @classmethod def from_dict(cls, d): @@ -283,6 +310,21 @@ class EGSecretKey: toJSONDict = to_dict + def prove_sk(self, challenge_generator): + """ + Generate a PoK of the secret key + Prover generates w, a random integer modulo q, and computes commitment = g^w mod p. + Verifier provides challenge modulo q. + Prover computes response = w + x*challenge mod q, where x is the secret key. + """ + w = Utils.random_mpz_lt(self.pk.q) + commitment = pow(self.pk.g, w, self.pk.p) + challenge = challenge_generator(commitment) % self.pk.q + response = (w + (self.x * challenge)) % self.pk.q + + return DLogProof(commitment, challenge, response) + + @classmethod def from_dict(cls, d): if not d: @@ -559,6 +601,22 @@ class EGZKDisjunctiveProof: toJSONDict = to_dict +class DLogProof(object): + def __init__(self, commitment, challenge, response): + self.commitment = commitment + self.challenge = challenge + self.response = response + + def to_dict(self): + return {'challenge': str(self.challenge), 'commitment': str(self.commitment), 'response' : str(self.response)} + + toJSONDict = to_dict + + @classmethod + def from_dict(cls, d): + dlp = cls(int(d['commitment']), int(d['challenge']), int(d['response'])) + return dlp + def EG_disjunctive_challenge_generator(commitments): array_to_hash = [] for commitment in commitments: @@ -567,4 +625,8 @@ def EG_disjunctive_challenge_generator(commitments): string_to_hash = ",".join(array_to_hash) return int(sha.new(string_to_hash).hexdigest(),16) + +def DLog_challenge_generator(commitment): + string_to_hash = str(commitment) + return int(sha.new(string_to_hash).hexdigest(),16) crypto/algs.py 0d9f910b8f49823fb8d38a561b018d07d92b5c9d Ben Adida ben@adida.net http://github.com/benadida/helios/commit/f2d9401410cfe5ad66e0b3b2463bddf62e51defa f2d9401410cfe5ad66e0b3b2463bddf62e51defa 2009-01-12T21:46:04-08:00 2009-01-12T21:46:04-08:00 added trustee key proving and verification to python library, verified that javascript-generated trustee keys validate in python 946a8d5961a3428b45f0e68c84a69b594679b75d Ben Adida ben@adida.net