github.com/cloudflare/circl@v1.5.0/ot/simot/simot_test.go (about) 1 // Reference: https://eprint.iacr.org/2015/267.pdf (1 out of 2 OT case) 2 // Sender has 2 messages m0, m1 3 // Receiver receives mc based on the choice bit c 4 5 package simot 6 7 import ( 8 "bytes" 9 "crypto/rand" 10 "testing" 11 12 "github.com/cloudflare/circl/group" 13 ) 14 15 const testSimOTCount = 100 16 17 func simOT(myGroup group.Group, sender *Sender, receiver *Receiver, m0, m1 []byte, choice, index int) error { 18 // Initialization 19 A := sender.InitSender(myGroup, m0, m1, index) 20 21 // Round 1 22 // Sender sends A to receiver 23 B := receiver.Round1Receiver(myGroup, choice, index, A) 24 25 // Round 2 26 // Receiver sends B to sender 27 e0, e1 := sender.Round2Sender(B) 28 29 // Round 3 30 // Sender sends e0 e1 to receiver 31 errDec := receiver.Round3Receiver(e0, e1, receiver.c) 32 if errDec != nil { 33 return errDec 34 } 35 36 return nil 37 } 38 39 func testNegativeSimOT(t *testing.T, myGroup group.Group, choice int) { 40 var sender Sender 41 var receiver Receiver 42 m0 := make([]byte, myGroup.Params().ScalarLength) 43 m1 := make([]byte, myGroup.Params().ScalarLength) 44 _, errRand := rand.Read(m0) 45 if errRand != nil { 46 panic(errRand) 47 } 48 _, errRand = rand.Read(m1) 49 if errRand != nil { 50 panic(errRand) 51 } 52 53 // Initialization 54 A := sender.InitSender(myGroup, m0, m1, 0) 55 56 // Round 1 57 B := receiver.Round1Receiver(myGroup, choice, 0, A) 58 59 // Round 2 60 e0, e1 := sender.Round2Sender(B) 61 // Round 3 62 63 // Here we pass in the flipped choice bit, to prove the decryption will fail 64 // The receiver will not learn anything about m_{1-c} 65 errDec := receiver.Round3Receiver(e0, e1, 1-choice) 66 if errDec == nil { 67 t.Error("SimOT decryption failed", errDec) 68 } 69 70 if choice == 0 { 71 equal0 := bytes.Compare(sender.m0, receiver.mc) 72 if equal0 == 0 { 73 t.Error("Receiver decryption should fail") 74 } 75 equal1 := bytes.Compare(sender.m1, receiver.mc) 76 if equal1 == 0 { 77 t.Error("Receiver decryption should fail") 78 } 79 } else { 80 equal0 := bytes.Compare(sender.m0, receiver.mc) 81 if equal0 == 0 { 82 t.Error("Receiver decryption should fail") 83 } 84 equal1 := bytes.Compare(sender.m1, receiver.mc) 85 if equal1 == 0 { 86 t.Error("Receiver decryption should fail") 87 } 88 } 89 } 90 91 // Input: myGroup, the group we operate in 92 func testSimOT(t *testing.T, myGroup group.Group, choice int) { 93 var sender Sender 94 var receiver Receiver 95 96 m0 := make([]byte, myGroup.Params().ScalarLength) 97 m1 := make([]byte, myGroup.Params().ScalarLength) 98 _, errRand := rand.Read(m0) 99 if errRand != nil { 100 panic(errRand) 101 } 102 _, errRand = rand.Read(m1) 103 if errRand != nil { 104 panic(errRand) 105 } 106 107 errDec := simOT(myGroup, &sender, &receiver, m0, m1, choice, 0) 108 if errDec != nil { 109 t.Error("AES GCM Decryption failed") 110 } 111 112 if choice == 0 { 113 equal0 := bytes.Compare(sender.m0, receiver.mc) 114 if equal0 != 0 { 115 t.Error("Receiver decryption failed") 116 } 117 } else { 118 equal1 := bytes.Compare(sender.m1, receiver.mc) 119 if equal1 != 0 { 120 t.Error("Receiver decryption failed") 121 } 122 } 123 } 124 125 func benchmarSimOT(b *testing.B, myGroup group.Group) { 126 var sender Sender 127 var receiver Receiver 128 m0 := make([]byte, myGroup.Params().ScalarLength) 129 m1 := make([]byte, myGroup.Params().ScalarLength) 130 _, errRand := rand.Read(m0) 131 if errRand != nil { 132 panic(errRand) 133 } 134 _, errRand = rand.Read(m1) 135 if errRand != nil { 136 panic(errRand) 137 } 138 139 for iter := 0; iter < b.N; iter++ { 140 errDec := simOT(myGroup, &sender, &receiver, m0, m1, iter%2, 0) 141 if errDec != nil { 142 b.Error("AES GCM Decryption failed") 143 } 144 } 145 } 146 147 func benchmarkSimOTRound(b *testing.B, myGroup group.Group) { 148 var sender Sender 149 var receiver Receiver 150 m0 := make([]byte, myGroup.Params().ScalarLength) 151 m1 := make([]byte, myGroup.Params().ScalarLength) 152 _, errRand := rand.Read(m0) 153 if errRand != nil { 154 panic(errRand) 155 } 156 _, errRand = rand.Read(m1) 157 if errRand != nil { 158 panic(errRand) 159 } 160 161 b.Run("Sender-Initialization", func(b *testing.B) { 162 for i := 0; i < b.N; i++ { 163 sender.InitSender(myGroup, m0, m1, 0) 164 } 165 }) 166 167 A := sender.InitSender(myGroup, m0, m1, 0) 168 169 b.Run("Receiver-Round1", func(b *testing.B) { 170 for i := 0; i < b.N; i++ { 171 receiver.Round1Receiver(myGroup, 0, 0, A) 172 } 173 }) 174 175 B := receiver.Round1Receiver(myGroup, 0, 0, A) 176 177 b.Run("Sender-Round2", func(b *testing.B) { 178 for i := 0; i < b.N; i++ { 179 sender.Round2Sender(B) 180 } 181 }) 182 183 e0, e1 := sender.Round2Sender(B) 184 185 b.Run("Receiver-Round3", func(b *testing.B) { 186 for i := 0; i < b.N; i++ { 187 errDec := receiver.Round3Receiver(e0, e1, receiver.c) 188 if errDec != nil { 189 b.Error("Receiver-Round3 decryption failed") 190 } 191 } 192 }) 193 194 errDec := receiver.Round3Receiver(e0, e1, receiver.c) 195 if errDec != nil { 196 b.Error("Receiver-Round3 decryption failed") 197 } 198 199 // Confirm 200 equal0 := bytes.Compare(sender.m0, receiver.mc) 201 if equal0 != 0 { 202 b.Error("Receiver decryption failed") 203 } 204 } 205 206 func TestSimOT(t *testing.T) { 207 t.Run("SimOT", func(t *testing.T) { 208 for i := 0; i < testSimOTCount; i++ { 209 currGroup := group.P256 210 choice := i % 2 211 testSimOT(t, currGroup, choice) 212 } 213 }) 214 t.Run("SimOTNegative", func(t *testing.T) { 215 for i := 0; i < testSimOTCount; i++ { 216 currGroup := group.P256 217 choice := i % 2 218 testNegativeSimOT(t, currGroup, choice) 219 } 220 }) 221 } 222 223 func BenchmarkSimOT(b *testing.B) { 224 currGroup := group.P256 225 benchmarSimOT(b, currGroup) 226 } 227 228 func BenchmarkSimOTRound(b *testing.B) { 229 currGroup := group.P256 230 benchmarkSimOTRound(b, currGroup) 231 }