github.com/jiajun1992/watercarver@v0.0.0-20191031150618-dfc2b17c0c4a/StadiumForWaterCarver/src/Verifier_toom.h (about) 1 /* 2 * Verifier_toom.h 3 * 4 * Created on: 25.04.2011 5 * Author: stephaniebayer 6 */ 7 8 #ifndef VERIFIER_TOOM_H_ 9 #define VERIFIER_TOOM_H_ 10 11 #include "Functions.h" 12 #include<vector> 13 #include "Cipher_elg.h" 14 #include "G_q.h" 15 #include "Mod_p.h" 16 #include "Pedersen.h" 17 #include "ElGammal.h" 18 #include "FakeZZ.h" 19 NTL_CLIENT 20 21 22 class Verifier_toom { 23 private: 24 long& m_r; 25 long n,m; // User input, defines the dimensions of the matrix used in the protocol, m rows, n columns 26 long omega; //window size for multi-exponentiation technique 27 long omega_sw; //window size for multi-exponentiation technique sliding window and LL 28 long omega_LL; //window size for multi-exponentiation technique of LL 29 30 vector<Mod_p>* c_A; //Commitments to the rows of A send from the prover in round 1 31 Mod_p c_D0; //commitment to the 0-th row in D 32 vector<Mod_p>* c_B; //Commitments to the rows of permuted exponents B send from the prover in round 3 33 vector<Mod_p>* c_B_small; //commitments after reduction with challenges x 34 vector<vector<Cipher_elg>* >* C_small; //smaller matrix of ciphertexts constructed for interaction 35 36 37 ZZ chal_x2; //Challenges for round 2, exponents for permutation 38 ZZ chal_y4; // Challenges to prove the use of the permutation in the prove of ciphertexts 39 ZZ chal_z4; // Challenges to create the polynomial prod(y_ij -z4), created in round 4 40 vector<ZZ>* chal_x6; // Vector of Vandermonde challenges x6, x6^2, ..., x6^m, generated in round 6 41 vector<ZZ>* chal_y6; // Vector of Vandermonde challenges y6, y6^2, ..., y6^m, generated in round 6 42 vector<ZZ> * chal_x8; // Vector of Vandermode challenges x8, x8^2 ... in round 8 43 vector<vector<long>* >* basis_chal_x8; //Vector of basis_vec for multi-expo 44 vector<ZZ>* mul_chal_x8; //Vector of basis_vec for multi-expo 45 vector<ZZ>* x; //Vector of challenges for reduction 46 47 Mod_p c_z; //Commitments to the vector containing z 48 49 //Commitments vectors from round 5 50 vector<Mod_p>* c_Dh; // commitments to D_h; 51 vector<Mod_p>* c_Ds;//contains commitment to D_s 52 Mod_p c_Dm; // commitment to last row in D_s; 53 vector<Mod_p>* c_Dl; // commitments to the values D_l 54 Mod_p c_B0; //Vector containing commitments to B_0i 55 vector<Mod_p>* c_a; //Vector containing the commitments to values used for the reencryption in 5 56 Mod_p c_d; //commitment to vector d 57 Mod_p c_Delta; //commitment to vector Delta 58 Mod_p c_dh; // commitment to vector d_h 59 vector<Mod_p>* c_a_c; //vector containing values used to reencrypt the E_c 60 61 vector<Cipher_elg>* E; //reencrypted product of the diogonals of the matrix of ciphertexts 62 vector<Cipher_elg>* C_c; //Ciphertexts to prove correctness of reduction 63 64 vector<ZZ>* D_h_bar;//Sum over the row in D_h multiplied by chal^i 65 ZZ r_Dh_bar;// sum over the random elements used for commiments to D_h 66 67 vector<ZZ>* d_bar; // chal_x8*D_h(m-1) +d 68 vector<ZZ>* Delta_bar;//chal_x8*d_h+Delta 69 ZZ r_d_bar; //chal_x8*r_Dh(m-1)+r_d 70 ZZ r_Delta_bar; //chal_x8*r_dh +r_Delta 71 72 vector<ZZ>* B_bar; // sum over the rows in B multiplied by chal^i 73 ZZ a_bar; //sum over the elements in a times chal^i 74 ZZ r_B_bar; //sum over the random elements used for B 75 ZZ r_a_bar; // sum over random elements used for a 76 ZZ rho_bar; //sum over random elements rho_a 77 78 vector<ZZ>* A_bar; //sum over the row in A times the challenges 79 vector<ZZ>* Ds_bar; //sum over the rows in Ds_bar times the challenges 80 81 ZZ r_A_bar; //sum over the random elements in r_A times the challenges 82 ZZ r_Ds_bar; //sum over the random elements in r_Ds times the challenges 83 ZZ r_Dl_bar; //sum over the random elements in r_Dl times the challenges 84 85 86 ZZ a_c_bar; //sum over elements to reencrypt E_low_up 87 ZZ r_ac_bar; // sum over random elements 88 /* ZZ F_c; //sum over elements to reencrypt E_low_up 89 ZZ Z_c; // sum over random elements 90 ZZ zeta_c; //sum over random elements rho_c*/ 91 92 public: 93 Verifier_toom(long& mr, bool do_process); 94 Verifier_toom(vector<long> num, int m, int n, long& mr, bool do_process, ElGammal* elgammal); 95 virtual ~Verifier_toom(); 96 97 void set_public_vector(istringstream& f, long n, int o1, int o2, int o3); 98 99 100 //Stores the commitments to matrix Y and sends challenges vector s_1 and s_2 to the prover 101 string round_2(const string& name, ZZ* challenge, ZZ* random_out); 102 string round_2(const string& name, ZZ& challenge, ZZ& random_in); 103 104 //round_4 stores the in output a of round_1 and outputs the challenges for round 3 105 string round_4(const string& name, ZZ* challenge, ZZ* random_out); 106 string round_4(const string& name, ZZ& challenge, ZZ& random_in); 107 108 //round_6 outputs the challenge t, t^2,.. 109 string round_6(const string& input, ZZ* challenge, ZZ* random_out); 110 string round_6(const string& input, ZZ& challenge, ZZ& random_in); 111 112 //first round for reductions, outputs challenges and 113 string round_6_red(const string& name, vector<vector<Cipher_elg>* >* enc, ZZ* challenge, ZZ* random_out); 114 string round_6_red(const string& name, vector<vector<Cipher_elg>* >* enc, ZZ& challenge, ZZ& random_in); 115 116 //round_6_red_2 second round of reduction outputs the challenge t, t^2,.. 117 string round_6_red1(const string& input, ZZ* challenge, ZZ* random_out); 118 string round_6_red1(const string& input, ZZ& challenge, ZZ& random_in); 119 120 //round 6 stores the output com of round 1 and outputs the challenges for round 7 121 string round_8(const string& input, ZZ* challenge, ZZ* random_out); 122 string round_8(const string& input, ZZ& challenge, ZZ& random_in); 123 124 //round 8 stores the input and checks the first set of equation, if all is true return challenges e, else -1 125 bool round_10(const string& name, vector<vector<Cipher_elg>* >* e,vector<vector<Cipher_elg>* >* E); 126 bool round_10_red(const string& name, vector<vector<Cipher_elg>* >* e,vector<vector<Cipher_elg>* >* E); 127 128 void calculate_c(Cipher_elg& c, vector<vector<Cipher_elg>* >* enc); 129 void calculate_ac(Mod_p& com); 130 void reduce_c_B(); 131 void calculate_C(Cipher_elg& C, vector<Cipher_elg>* E_c, vector<ZZ>* x); 132 133 void check_B(bool& b); 134 void check_B_red(bool& b); 135 void check_a(bool& b); 136 void check_c(vector<vector<Cipher_elg>* >* enc, bool& b); 137 void check_c_red(bool& b); 138 void check_E(vector<vector<Cipher_elg>* >* E, bool& b); 139 void check_E_red(vector<vector<Cipher_elg>* >* E, bool& b); 140 void check_ac(bool& b); 141 142 private: 143 ZZ make_challenge(ZZ* random) const; 144 bool check_challenge(ZZ& challenge, ZZ& random) const; 145 ZZ derive_from_challenge(ZZ& challenge, string id); 146 147 string round_2(const string& input, ZZ& challenge); 148 string round_4(const string& input, ZZ& challenge); 149 string round_6(const string& input, ZZ& challenge); 150 string round_6_red(const string& name, vector<vector<Cipher_elg>* >* enc, ZZ& challenge); 151 string round_6_red1(const string& name, ZZ& challenge); 152 153 string round_8(const string& name, ZZ& challenge); 154 bool do_process_; 155 ElGammal* elgammal_; 156 Pedersen ped_; 157 }; 158 159 #endif /* VERIFIER_TOOM_H_ */