
feat: new protocol for zk paillier encryption in range with el gamal … #3

Open

Conversation

jfdreis
Collaborator

@jfdreis jfdreis commented Nov 22, 2024

…commitment

@jfdreis jfdreis requested a review from manel1874 November 22, 2024 17:20
Comment on lines +23 to +30
//! # mod pregenerated {
//! # use super::*;
//! # paillier_zk::load_pregenerated_data!(
//! # verifier_aux: p::Aux,
//! # prover_decryption_key: fast_paillier::DecryptionKey,
//! # );
//! # }
//! # fn main() -> Result<(), Box<dyn std::error::Error>> {
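Review bot: the `//! #` prefix on lines 23 to 30 marks rustdoc hidden lines: they are stripped from the rendered documentation but still compiled and executed as part of the doctest, so the `pregenerated` module, the `load_pregenerated_data!` invocation and the `fn main() -> Result<(), Box<dyn std::error::Error>>` wrapper cannot be deleted without the example ceasing to build. If they read as noise in the source, add a one-line comment above them stating that they are hidden doctest scaffolding rather than removing them.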
Member


I don't think these lines are providing any useful info.

//! let shared_state = "some shared state";
//!
//! let mut rng = rand_core::OsRng;
//! # let mut rng = rand_dev::DevRng::new();
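Review bot: the hidden line `# let mut rng = rand_dev::DevRng::new();` shadows the `rand_core::OsRng` binding that readers see with a deterministic `DevRng`, so dropping it changes what the doctest executes, not what the docs render: the test would then draw from `OsRng` and stop being reproducible. If the intent is to remove the `rand_dev` dev-dependency, say so in the commit; otherwise keep the line.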
Member


Suggested change
//! # let mut rng = rand_dev::DevRng::new();

Same here

Comment on lines +57 to +58
//! let a = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
//! let b = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
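Review bot: `a` and `b` on lines 57 to 58 are drawn with `from_rng_pm` from the symmetric range ±2^l, which includes zero and negative values; if they serve as El Gamal commitment scalars they must be elements of Z_q for the curve order q, and the ±2^l sample is neither uniform in Z_q nor guaranteed non-zero after reduction. Sample them uniformly in [1, q) (or reduce modulo q and reject zero) so the commitment randomness is always invertible.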
Member

@manel1874 manel1874 Jan 10, 2025


Same discussion as here: I think you should use the curve order instead and the get_invertible.

Comment on lines +289 to +294
{
fail_if_ne(
InvalidProofReason::EqualityCheck(1),
&data.ciphertext.gcd_ref(data.key.n()).complete(),
Integer::ONE,
)?;
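Review bot: the gcd test on lines 289 to 294 checks that the Paillier ciphertext is a unit modulo N, which is the condition c ∈ Z*_{N^2} the verifier needs before exponentiating c (gcd(c, N) = 1 holds exactly when gcd(c, N^2) = 1, since N and N^2 have the same prime factors); it is not an equality check, so `InvalidProofReason::EqualityCheck(1)` is a misleading reason to report. Add a comment naming the paper's well-formedness condition and introduce a dedicated reason variant; note also that these lines do not bound c below N^2, which should be enforced where the ciphertext is parsed. A ciphertext failing this gcd can only come from a dishonest prover and would reveal a factor of N, so rejecting it here is correct.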
Member


What is this condition wrt the paper? Can you add a comment here?
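Added example for this thread, not code from the paillier-zk PR or its authors. It illustrates the two invertibility questions raised above: why a verifier checks `gcd(ciphertext, N) == 1` and why that is equivalent to invertibility modulo N^2 (lines 289 to 294), and why commitment scalars should be sampled in Z_q rather than in ±2^l (the `a`/`b` discussion). It uses a toy Paillier instance over `u128` with 14-bit primes and a hypothetical xorshift PRNG in place of `rand_core::OsRng`; the names `PaillierPk`, `sample_pm`, `sample_invertible_scalar` and all sample values are constructed here and are not the crate's API.

```rust
// Added example, not code from the paillier-zk PR. Toy parameters only
// (u128 arithmetic, 14-bit primes): never use these routines for real keys.

fn gcd(mut a: u128, mut b: u128) -> u128 {
    while b != 0 { let t = a % b; a = b; b = t; }
    a
}

/// Square-and-multiply; operands stay below m^2 < 2^128 at the toy sizes used here.
fn mod_pow(mut base: u128, mut exp: u128, m: u128) -> u128 {
    let mut acc = 1 % m;
    base %= m;
    while exp > 0 {
        if exp & 1 == 1 { acc = acc * base % m; }
        base = base * base % m;
        exp >>= 1;
    }
    acc
}

/// Modular inverse via extended Euclid; None when gcd(a, m) != 1.
fn mod_inv(a: u128, m: u128) -> Option<u128> {
    let (mut old_r, mut r) = (a as i128, m as i128);
    let (mut old_s, mut s) = (1i128, 0i128);
    while r != 0 {
        let q = old_r / r;
        (old_r, r) = (r, old_r - q * r);
        (old_s, s) = (s, old_s - q * s);
    }
    if old_r != 1 { return None; }
    Some(old_s.rem_euclid(m as i128) as u128)
}

/// xorshift64*: a small deterministic PRNG (constructed here) so the example runs offline.
struct Rng(u64);
impl Rng {
    fn next_u64(&mut self) -> u64 {
        let mut x = self.0;
        x ^= x >> 12; x ^= x << 25; x ^= x >> 27;
        self.0 = x;
        x.wrapping_mul(0x2545F4914F6CDD1D)
    }
}

/// Toy Paillier key: N = p*q, generator 1+N.
struct PaillierPk { n: u128 }
struct PaillierSk { p: u128, q: u128 }

fn toy_keypair(p: u128, q: u128) -> (PaillierPk, PaillierSk) {
    (PaillierPk { n: p * q }, PaillierSk { p, q })
}

impl PaillierPk {
    fn n2(&self) -> u128 { self.n * self.n }

    /// Enc(m; r) = (1+N)^m * r^N mod N^2, with r drawn from Z_N^*.
    fn encrypt(&self, m: u128, r: u128) -> u128 {
        let n2 = self.n2();
        mod_pow(self.n + 1, m, n2) * mod_pow(r, self.n, n2) % n2
    }

    /// Verifier-side well-formedness: c must be in Z_{N^2}^*. Testing gcd(c, N) == 1 is
    /// equivalent to gcd(c, N^2) == 1 because N and N^2 share the same prime factors.
    fn ciphertext_is_valid(&self, c: u128) -> bool {
        c < self.n2() && gcd(c, self.n) == 1
    }
}

impl PaillierSk {
    /// Dec(c) = L(c^lambda mod N^2) * lambda^{-1} mod N, where L(u) = (u - 1) / N.
    fn decrypt(&self, pk: &PaillierPk, c: u128) -> u128 {
        let lambda = (self.p - 1) * (self.q - 1);
        let u = mod_pow(c, lambda, pk.n2());
        let l = (u - 1) / pk.n;
        let mu = mod_inv(lambda % pk.n, pk.n).expect("lambda is coprime to N");
        l * mu % pk.n
    }
}

/// A ciphertext that fails the gcd check leaks a non-trivial factor of N; an honest
/// encryptor never produces one because r is taken from Z_N^*.
fn factor_from_bad_ciphertext(pk: &PaillierPk, c: u128) -> Option<u128> {
    let g = gcd(c, pk.n);
    if g != 1 && g != pk.n { Some(g) } else { None }
}

/// `from_rng_pm`-style sampling: uniform in [-bound, bound], returned as (is_negative, magnitude).
fn sample_pm(rng: &mut Rng, bound: u128) -> (bool, u128) {
    let v = rng.next_u64() as u128 % (2 * bound + 1);
    if v <= bound { (false, v) } else { (true, v - bound) }
}

/// Reduce a signed sample into Z_q. With bound >= q, a draw of 0 or +-q lands on zero.
fn to_scalar(q: u128, (neg, mag): (bool, u128)) -> u128 {
    let m = mag % q;
    if neg { (q - m) % q } else { m }
}

/// Sample in Z_q^* directly: uniform in [1, q) by rejection, so the scalar is always invertible.
fn sample_invertible_scalar(rng: &mut Rng, q: u128) -> u128 {
    loop {
        let v = rng.next_u64() as u128 % q;
        if v != 0 && gcd(v, q) == 1 { return v; }
    }
}

fn main() {
    let (pk, sk) = toy_keypair(10007, 10009);
    let c = pk.encrypt(42, 12345);
    println!("valid={} dec={} leak={:?}", pk.ciphertext_is_valid(c), sk.decrypt(&pk, c),
             factor_from_bad_ciphertext(&pk, 3 * 10007));
}
```

The gcd check is cheap relative to the exponentiations that follow it, and placing it before any `pow_mod` on the ciphertext is what keeps the verifier from computing on a value outside the group; the same reasoning is why the commitment scalars should be drawn so that invertibility modulo q is guaranteed by construction rather than checked afterwards.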

Comment on lines +324 to +328
// let s_to_e: Integer = commitment
// .s
// .pow_mod_ref(challenge, &aux.rsa_modulo)
// .ok_or(BadExponent::undefined())?
// .into();
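Review bot: lines 324 to 328 are commented-out code and should be deleted rather than left in the verifier as dead text. If `s^e mod N̂` (the `commitment.s` raised to the challenge) is a term of the paper's verification equation, the block needs to be live and used in the check; if it is not, remove it entirely along with any import it alone required.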
Member


Suggested change
// let s_to_e: Integer = commitment
// .s
// .pow_mod_ref(challenge, &aux.rsa_modulo)
// .ok_or(BadExponent::undefined())?
// .into();

Comment on lines +474 to +475
let a = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
let b = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
Member


Same as above. Use the curve order instead

let plaintext = (Integer::ONE << (security.l + security.epsilon)).complete() + 1;
let a = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
let b = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
let r = run_with::<C, D>(&mut rng, security, plaintext, a,b).expect_err("proof should not pass");
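Review bot: the negative test on lines 125 to 128 picks a good boundary value (2^(l+ε) + 1 is just past the slack bound), but `r` is bound with `expect_err` and, as far as these lines show, never inspected; match it against the specific `InvalidProofReason` variant the range check is meant to produce, otherwise the test also passes when the proof is rejected for an unrelated reason such as the gcd check. The argument list `plaintext, a,b` also needs consistent spacing.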
Member


Suggested change
let r = run_with::<C, D>(&mut rng, security, plaintext, a,b).expect_err("proof should not pass");
let r = run_with::<C, D>(&mut rng, security, plaintext, a, b).expect_err("proof should not pass");

let plaintext = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
let a = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
let b = Integer::from_rng_pm(&(Integer::ONE << security.l).complete(), &mut rng);
run_with::<C, D>(&mut rng, security, plaintext,a, b).expect("proof failed");
Member


Suggested change
run_with::<C, D>(&mut rng, security, plaintext,a, b).expect("proof failed");
run_with::<C, D>(&mut rng, security, plaintext, a, b).expect("proof failed");

2 participants