github.com/jiajun1992/watercarver@v0.0.0-20191031150618-dfc2b17c0c4a/StadiumForWaterCarver/src/multi_expo.cpp (about) 1 /* 2 * multi_expo.cpp 3 * 4 * Created on: 02.07.2012 5 * Author: stephaniebayer 6 */ 7 8 #include "multi_expo.h" 9 #include "G_q.h" 10 #include "ElGammal.h" 11 #include "Pedersen.h" 12 #include "Cipher_elg.h" 13 #include "FakeZZ.h" 14 #include "CurvePoint.h" 15 NTL_CLIENT 16 #include<vector> 17 using namespace std; 18 #include <iostream> 19 #include <time.h> 20 #include <fstream> 21 22 #include <assert.h> 23 24 extern G_q G; 25 extern G_q H; 26 extern ElGammal El; 27 extern Pedersen Ped; 28 29 multi_expo::multi_expo() {} 30 31 multi_expo::~multi_expo() {} 32 33 34 vector<vector<int>*>* multi_expo::to_binary(int win){ 35 36 vector<vector<int>* >* ret; 37 vector<int>* temp; 38 long e,i,j; 39 40 e = (1L << win); 41 ret = new vector<vector<int>* >(e); 42 for (i = 0; i<e; i++){ 43 temp = new vector<int>(win); 44 for (j=0; j<win; j++){ 45 temp->at(j) =bit(i,j); 46 } 47 ret->at(i)=temp; 48 } 49 return ret; 50 51 } 52 53 long multi_expo::to_long(vector<int>* bit_r){ 54 55 long t, length; 56 long i; 57 58 length =bit_r->size(); 59 t=0; 60 for(i = 0; i<length; i++ ){ 61 t = t+bit_r->at(i)*(1L << i); 62 } 63 return t; 64 } 65 66 void multi_expo::to_long(long& t,vector<int>* bit_r){ 67 68 long length; 69 long i; 70 71 length =bit_r->size(); 72 t=0; 73 for(i = 0; i<length; i++ ){ 74 t = t+bit_r->at(i)*(1L << i); 75 } 76 } 77 78 vector<long>* multi_expo::to_basis(ZZ e, long num_b, int omega){ 79 long i, j, l, t; 80 vector<int>* bit_r; 81 vector<long>* basis; 82 bit_r = new vector<int>(omega); 83 t= num_b/omega +1; 84 basis = new vector<long>(t); 85 86 j=0; 87 l=0; 88 89 for(i=0; i<num_b; i++){ 90 bit_r->at(j)=bit(e,i); 91 j++; 92 if(j==omega){ 93 to_long(basis->at(l),bit_r); 94 j=0; 95 l++; 96 } 97 else if(i == num_b-1){ 98 for(j = j; j<omega; j++){ 99 bit_r->at(j)= 0; 100 to_long(basis->at(l),bit_r); 101 } 102 } 103 } 104 delete bit_r; 105 return basis; 106 107 } 108 109 110 vector<vector<vector<long>* >* >* multi_expo::to_basis_vec(vector<vector<ZZ>* >* a, long num_b, int omega){ 111 vector<vector<vector<long>* >* >* basis_vec=0; 112 vector<vector<long>* >* basis_row=0; 113 vector<long>* basis = 0; 114 long i, j, m,n; 115 m=a->size(); 116 n=a->at(0)->size(); 117 basis_vec = new vector<vector<vector<long>* >* >(m+1); 118 119 for (i = 0; i<m; i++){ 120 121 basis_row = new vector<vector<long>* >(n); 122 for (j = 0; j<n; j++){ 123 basis = to_basis(a->at(i)->at(j), num_b, omega); 124 basis_row->at(j)= basis; 125 } 126 basis_vec->at(i+1) = basis_row; 127 } 128 delete basis; 129 return basis_vec; 130 } 131 132 void multi_expo::expo_mult(CurvePoint& prod, const vector<ZZ>* e, ZZ ran, int omega_expo, vector<Mod_p>* gen){ 133 long i, j, k, l,t; 134 vector<vector<long>* >* basis_vec; 135 long length;// num_b; 136 CurvePoint p, temp_1, temp_2; 137 ZZ mod; 138 long num_b; 139 140 length = e->size(); 141 mod = G.get_mod(); 142 num_b = NumBits(G.get_ord()); 143 l = num_b/omega_expo +1; 144 basis_vec = new vector<vector<long>* >(length+1); 145 basis_vec->at(0) = to_basis(ran, num_b, omega_expo); 146 for(i = 0; i<length; i++){ 147 basis_vec->at(i+1) = to_basis(e->at(i), num_b, omega_expo); 148 } 149 prod = curve_zeropoint(); 150 p = curve_zeropoint(); 151 t = (1L << omega_expo) - 1; 152 length = length +1; 153 for(i=l-1; i>0; i--){ 154 155 p = curve_zeropoint(); 156 for(j = 0; j<length; j++){ 157 if(basis_vec->at(j)->at(i)==t){ 158 MulMod(p,p,gen->at(j).get_val(),mod); 159 } 160 } 161 temp_1 = p; 162 temp_2 = p; 163 for(k = t-1; k>0; k--){ 164 p = curve_zeropoint(); 165 for(j = 0; j<length; j++){ 166 if(basis_vec->at(j)->at(i)==k){ 167 MulMod(p,p,gen->at(j).get_val(),mod); 168 } 169 } 170 MulMod(temp_1,temp_1,p,mod); 171 MulMod(temp_2,temp_1,temp_2,mod); 172 173 } 174 MulMod(prod,prod,temp_2,mod); 175 for(k = 0; k<omega_expo; k++){ 176 SqrMod(prod,prod,mod); 177 } 178 } 179 p = curve_zeropoint(); 180 for(j = 0; j<length; j++){ 181 if(basis_vec->at(j)->at(0)==t){ 182 MulMod(p,p,gen->at(j).get_val(),mod); 183 } 184 } 185 temp_1 = p; 186 temp_2 = p; 187 for(k = t-1; k>0; k--){ 188 p = curve_zeropoint(); 189 for(j = 0; j<length; j++){ 190 if(basis_vec->at(j)->at(0)==k){ 191 MulMod(p,p,gen->at(j).get_val(),mod); 192 } 193 } 194 MulMod(temp_1,temp_1,p,mod); 195 MulMod(temp_2,temp_1,temp_2,mod); 196 } 197 MulMod(prod,prod,temp_2,mod); 198 j = basis_vec->size(); 199 for(i=0; i<j; i++){ 200 delete basis_vec->at(i); 201 basis_vec->at(i)=0; 202 } 203 delete basis_vec; 204 } 205 206 void multi_expo::expo_mult(Cipher_elg& prod, const vector<Cipher_elg>* a, vector<ZZ>* e, int omega ){ 207 long i, j, k, l,t; 208 vector<vector<long>* >* basis_vec; 209 ZZ ord = H.get_ord(); 210 long length; 211 CurvePoint prod_u, p_u, temp_1_u, temp_2_u,prod_v, p_v, temp_1_v, temp_2_v; 212 ZZ mod; 213 long num_b; 214 215 length = a->size(); 216 mod = H.get_mod(); 217 num_b = NumBits(ord); 218 l = num_b/omega +1; 219 220 vector<CurvePoint> a_u(length); 221 vector<CurvePoint> a_v(length); 222 basis_vec = new vector<vector<long>* >(length); 223 for(i = 0; i<length; i++){ 224 basis_vec->at(i) = to_basis(e->at(i), num_b,omega); 225 a_u.at(i)=a->at(i).get_u(); 226 // a_v.at(i)=a->at(i).get_v(); 227 } 228 prod_u = curve_zeropoint(); 229 prod_v = curve_zeropoint(); 230 t = (1L << omega)-1; 231 for(i=l-1; i>0; i--){ 232 p_u= curve_zeropoint(); 233 p_v= curve_zeropoint(); 234 for(j = 0; j<length; j++){ 235 if(basis_vec->at(j)->at(i)==t){ 236 MulMod(p_u,p_u,a_u.at(j),mod); 237 MulMod(p_v,p_v,a_v.at(j), mod); 238 } 239 } 240 temp_1_u = p_u; 241 temp_2_u = p_u; 242 temp_1_v = p_v; 243 temp_2_v = p_v; 244 for(k = t-1; k>0; k--){ 245 p_u= curve_zeropoint(); 246 p_v = curve_zeropoint(); 247 for(j = 0; j<length; j++){ 248 if(basis_vec->at(j)->at(i)==k){ 249 MulMod(p_u,p_u,a_u.at(j),mod); 250 MulMod(p_v,p_v,a_v.at(j),mod); 251 } 252 } 253 MulMod(temp_1_u ,temp_1_u,p_u,mod); 254 MulMod(temp_2_u ,temp_1_u,temp_2_u,mod); 255 MulMod(temp_1_v ,temp_1_v,p_v,mod); 256 MulMod(temp_2_v ,temp_1_v,temp_2_v,mod); 257 258 } 259 prod_u = MulMod(prod_u,temp_2_u,mod); 260 prod_v = MulMod(prod_v,temp_2_v,mod); 261 for(k =0; k<omega; k++){ 262 SqrMod(prod_u,prod_u,mod); 263 SqrMod(prod_v,prod_v,mod); 264 } 265 } 266 p_u= curve_zeropoint(); 267 p_v= curve_zeropoint(); 268 for(j = 0; j<length; j++){ 269 if(basis_vec->at(j)->at(0)==t){ 270 MulMod(p_u,p_u,a_u.at(j),mod); 271 MulMod(p_v,p_v,a_v.at(j),mod); 272 } 273 } 274 temp_1_u = p_u; 275 temp_2_u = p_u; 276 temp_1_v = p_v; 277 temp_2_v = p_v; 278 for(k = t-1; k>0; k--){ 279 p_u= curve_zeropoint(); 280 p_v = curve_zeropoint(); 281 for(j = 0; j<length; j++){ 282 if(basis_vec->at(j)->at(0)==k){ 283 MulMod(p_u,p_u,a_u.at(j),mod); 284 MulMod(p_v,p_v,a_v.at(j),mod); 285 } 286 } 287 MulMod(temp_1_u ,temp_1_u,p_u,mod); 288 MulMod(temp_2_u ,temp_1_u,temp_2_u,mod); 289 MulMod(temp_1_v, temp_1_v,p_v,mod); 290 MulMod(temp_2_v ,temp_1_v,temp_2_v,mod); 291 } 292 MulMod(prod_u,prod_u,temp_2_u,mod); 293 MulMod(prod_v,prod_v,temp_2_v,mod); 294 prod = Cipher_elg(prod_u, mod); 295 j = basis_vec->size(); 296 for(i=0; i<j; i++){ 297 delete basis_vec->at(i); 298 basis_vec->at(i)=0; 299 } 300 delete basis_vec; 301 } 302 303 void multi_expo::expo_mult(Cipher_elg& prod, const vector<Cipher_elg>* a, vector<vector<long>*>* basis_vec, int omega ){ 304 long i, j, k, l,t; 305 long length; 306 CurvePoint prod_u, p_u, temp_1_u, temp_2_u;//prod_v, p_v, temp_1_v, temp_2_v 307 ZZ mod; 308 long num_b; 309 310 length = a->size(); 311 mod = H.get_mod(); 312 num_b = NumBits(H.get_ord()); 313 l = num_b/omega +1; 314 315 vector<CurvePoint> a_u(length); 316 //vector<CurvePoint> a_v(length); 317 318 for(i = 0; i<length; i++){ 319 a_u.at(i)=a->at(i).get_u(); 320 //a_v.at(i)=a->at(i).get_v(); 321 } 322 prod_u = curve_zeropoint(); 323 //prod_v = curve_zeropoint(); 324 t = (1L << omega) - 1; 325 for(i=l-1; i>0; i--){ 326 p_u = curve_zeropoint(); 327 // p_v = curve_zeropoint(); 328 for(j = 0; j<length; j++){ 329 if(basis_vec->at(j)->at(i)==t){ 330 MulMod(p_u,p_u,a_u.at(j),mod); 331 // MulMod(p_v,p_v,a_v.at(j), mod); 332 } 333 } 334 temp_1_u = p_u; 335 temp_2_u = p_u; 336 // temp_1_v = p_v; 337 // temp_2_v = p_v; 338 for(k = t-1; k>0; k--){ 339 p_u = curve_zeropoint(); 340 // p_v = curve_zeropoint(); 341 for(j = 0; j<length; j++){ 342 if(basis_vec->at(j)->at(i)==k){ 343 MulMod(p_u,p_u,a_u.at(j),mod); 344 // MulMod(p_v,p_v,a_v.at(j),mod); 345 } 346 } 347 MulMod(temp_1_u ,temp_1_u,p_u,mod); 348 MulMod(temp_2_u ,temp_1_u,temp_2_u,mod); 349 // MulMod(temp_1_v,temp_1_v,p_v,mod); 350 // MulMod(temp_2_v, temp_1_v,temp_2_v,mod); 351 352 } 353 MulMod(prod_u,prod_u,temp_2_u,mod); 354 // MulMod(prod_v,prod_v,temp_2_v,mod); 355 for(k =0; k<omega; k++){ 356 SqrMod(prod_u,prod_u,mod); 357 // SqrMod(prod_v,prod_v,mod); 358 } 359 } 360 p_u = curve_zeropoint(); 361 //p_v = curve_zeropoint(); 362 for(j = 0; j<length; j++){ 363 if(basis_vec->at(j)->at(0)==t){ 364 MulMod(p_u,p_u,a_u.at(j),mod); 365 // MulMod(p_v,p_v,a_v.at(j),mod); 366 } 367 } 368 temp_1_u = p_u; 369 temp_2_u = p_u; 370 //temp_1_v = p_v; 371 //temp_2_v = p_v; 372 for(k = t-1; k>0; k--){ 373 p_u = curve_zeropoint(); 374 // p_v = curve_zeropoint(); 375 for(j = 0; j<length; j++){ 376 if(basis_vec->at(j)->at(0)==k){ 377 MulMod(p_u,p_u,a_u.at(j),mod); 378 // MulMod(p_v,p_v,a_v.at(j),mod); 379 } 380 } 381 MulMod(temp_1_u ,temp_1_u,p_u,mod); 382 MulMod(temp_2_u ,temp_1_u,temp_2_u,mod); 383 // MulMod(temp_1_v, temp_1_v,p_v,mod); 384 // MulMod(temp_2_v ,temp_1_v,temp_2_v,mod); 385 } 386 MulMod(prod_u, prod_u,temp_2_u,mod); 387 //MulMod(prod_v,prod_v,temp_2_v,mod); 388 prod = Cipher_elg(prod_u, mod); 389 390 } 391 392 void multi_expo::expo_mult(Cipher_elg& prod, const vector<Cipher_elg>* a, ZZ f, vector<ZZ>* e, int omega ){ 393 long i, j, k, l,t; 394 vector<vector<long>* >* basis_vec; 395 ZZ ord = H.get_ord(); 396 long length; 397 CurvePoint prod_u, p_u, temp_1_u, temp_2_u;//,prod_v, p_v, temp_1_v, temp_2_v 398 ZZ mod, temp; 399 long num_b; 400 401 length = e->size(); 402 mod = H.get_mod(); 403 num_b = NumBits(ord); 404 l = num_b/omega +1; 405 vector<CurvePoint> a_u(length); 406 //vector<CurvePoint> a_v(length); 407 basis_vec = new vector<vector<long>* >(length); 408 for(i = 0; i<length; i++){ 409 temp = MulMod(f,e->at(i),ord); 410 basis_vec->at(i) = to_basis(temp, num_b,omega); 411 a_u.at(i)=a->at(i).get_u(); 412 // a_v.at(i)=a->at(i).get_v(); 413 } 414 prod_u = curve_zeropoint(); 415 //prod_v= curve_zeropoint(); 416 t = (1L << omega) - 1; 417 for(i=l-1; i>0; i--){ 418 p_u= curve_zeropoint(); 419 // p_v= curve_zeropoint(); 420 for(j = 0; j<length; j++){ 421 if(basis_vec->at(j)->at(i)==t){ 422 MulMod(p_u,p_u,a_u.at(j),mod); 423 // MulMod(p_v,p_v,a_v.at(j), mod); 424 } 425 } 426 temp_1_u = p_u; 427 temp_2_u = p_u; 428 // temp_1_v = p_v; 429 // temp_2_v = p_v; 430 for(k = t-1; k>0; k--){ 431 p_u= curve_zeropoint(); 432 // p_v = curve_zeropoint(); 433 for(j = 0; j<length; j++){ 434 if(basis_vec->at(j)->at(i)==k){ 435 MulMod(p_u,p_u,a_u.at(j),mod); 436 // MulMod(p_v,p_v,a_v.at(j),mod); 437 } 438 } 439 MulMod(temp_1_u ,temp_1_u,p_u,mod); 440 MulMod(temp_2_u ,temp_1_u,temp_2_u,mod); 441 // MulMod(temp_1_v ,temp_1_v,p_v,mod); 442 // MulMod(temp_2_v ,temp_1_v,temp_2_v,mod); 443 444 } 445 prod_u = MulMod(prod_u,temp_2_u,mod); 446 // prod_v = MulMod(prod_v,temp_2_v,mod); 447 for(k =0; k<omega; k++){ 448 SqrMod(prod_u,prod_u,mod); 449 // SqrMod(prod_v,prod_v,mod); 450 } 451 } 452 p_u= curve_zeropoint(); 453 //p_v= curve_zeropoint(); 454 for(j = 0; j<length; j++){ 455 if(basis_vec->at(j)->at(0)==t){ 456 MulMod(p_u,p_u,a_u.at(j),mod); 457 // MulMod(p_v,p_v,a_v.at(j),mod); 458 } 459 } 460 temp_1_u = p_u; 461 temp_2_u = p_u; 462 //temp_1_v = p_v; 463 //temp_2_v = p_v; 464 for(k = t-1; k>0; k--){ 465 p_u= curve_zeropoint(); 466 // p_v = curve_zeropoint(); 467 for(j = 0; j<length; j++){ 468 if(basis_vec->at(j)->at(0)==k){ 469 MulMod(p_u,p_u,a_u.at(j),mod); 470 // MulMod(p_v,p_v,a_v.at(j),mod); 471 } 472 } 473 MulMod(temp_1_u ,temp_1_u,p_u,mod); 474 MulMod(temp_2_u ,temp_1_u,temp_2_u,mod); 475 // MulMod(temp_1_v, temp_1_v,p_v,mod); 476 // MulMod(temp_2_v ,temp_1_v,temp_2_v,mod); 477 } 478 MulMod(prod_u,prod_u,temp_2_u,mod); 479 //MulMod(prod_v,prod_v,temp_2_v,mod); 480 prod = Cipher_elg(prod_u, mod); 481 j = basis_vec->size(); 482 for(i=0; i<j; i++){ 483 delete basis_vec->at(i); 484 basis_vec->at(i)=0; 485 }; 486 delete basis_vec; 487 } 488 489 void multi_expo::expo_mult(Cipher_elg& prod, const vector<vector<Cipher_elg>*>* a, vector<ZZ>* s1, vector<ZZ>* s2, int omega ){ 490 Cipher_elg temp; 491 long i,l; 492 l = a->size(); 493 expo_mult(prod,a->at(0), s1->at(0), s2, omega); 494 for(i = 1; i<l; i++){ 495 expo_mult(temp,a->at(i), s1->at(i), s2, omega); 496 Cipher_elg::mult(prod,prod,temp); 497 } 498 } 499 500 vector<vector<CurvePoint>* >* multi_expo::calc_Yk(vector<CurvePoint>* y, int win){ 501 vector<vector<CurvePoint>* >* ret; 502 vector<CurvePoint>* temp; 503 long h,t, i,j,k,e; 504 CurvePoint prod, tem; 505 ZZ mod; 506 mod = H.get_mod(); 507 vector<vector<int>* >* binary; 508 509 h= y->size()/win; 510 e = (1L << win); 511 binary = to_binary(win); 512 513 if((unsigned) h*win ==y->size()){ 514 ret = new vector<vector<CurvePoint>* >(h); 515 for(i =0; i<h; i++){ 516 temp = new vector<CurvePoint>(e); 517 for(j=0; j<e; j++){ 518 prod = curve_zeropoint(); 519 for(k=0; k<win; k++){ 520 PowerMod(tem,y->at(i*win+k), binary->at(j)->at(k), mod); 521 MulMod(prod,prod,tem,mod); 522 } 523 temp->at(j)=prod; 524 } 525 ret->at(i)=temp; 526 } 527 } 528 else{ 529 ret = new vector<vector<CurvePoint>* >(h+1); 530 t= y->size()-h*win; 531 for(i =0; i<h; i++){ 532 temp = new vector<CurvePoint>(e); 533 for(j=0; j<e; j++){ 534 prod = curve_zeropoint(); 535 for(k=0; k<win; k++){ 536 PowerMod(tem,y->at(i*win+k), binary->at(j)->at(k), mod); 537 MulMod(prod,prod,tem,mod); 538 } 539 temp->at(j)=prod; 540 } 541 ret->at(i)=temp; 542 } 543 temp = new vector<CurvePoint>(e); 544 for(j=0; j<e; j++){ 545 prod = curve_zeropoint(); 546 for(k=0; k<t; k++){ 547 PowerMod(tem,y->at(h*win+k), binary->at(j)->at(k), mod); 548 MulMod(prod,prod,tem,mod); 549 } 550 temp->at(j)=prod; 551 } 552 ret->at(h)=temp; 553 554 } 555 for (i = 0; i<e; i++){ 556 delete binary->at(i); 557 binary->at(i)= 0; 558 } 559 delete binary; 560 return ret; 561 562 } 563 564 vector<vector<Mod_p>* >* multi_expo::calc_Yk(vector<Mod_p>* y, int win){ 565 vector<vector<Mod_p>* >* ret; 566 vector<Mod_p>* temp; 567 long h,t, i,j,k,e; 568 Mod_p prod, tem; 569 vector<vector<int>* >* binary; 570 571 h= y->size()/win; 572 e = (1L << win); 573 binary = to_binary(win); 574 575 if((unsigned)h*win == y->size()){ 576 ret = new vector<vector<Mod_p>* >(h); 577 for(i =0; i<h; i++){ 578 temp = new vector<Mod_p>(e); 579 for(j=0; j<e; j++){ 580 // TODO this is never called? 581 assert(false); 582 prod = Mod_p(curve_zeropoint(),G.get_mod()); 583 for(k=0; k<win; k++){ 584 Mod_p::expo(tem,y->at(i*win+k), binary->at(j)->at(k)); 585 Mod_p::mult(prod,prod,tem); 586 } 587 temp->at(j)=prod; 588 } 589 ret->at(i)=temp; 590 } 591 } 592 else{ 593 ret = new vector<vector<Mod_p>* >(h+1); 594 t=y->size()-h*win; 595 for(i =0; i<h; i++){ 596 temp = new vector<Mod_p>(e); 597 for(j=0; j<e; j++){ 598 prod = Mod_p(curve_zeropoint(),G.get_mod()); 599 for(k=0; k<win; k++){ 600 Mod_p::expo(tem,y->at(i*win+k), binary->at(j)->at(k)); 601 Mod_p::mult(prod,prod, tem); 602 } 603 temp->at(j)=prod; 604 } 605 ret->at(i)=temp; 606 } 607 temp = new vector<Mod_p>(e); 608 for(j=0; j<e; j++){ 609 prod = Mod_p(curve_zeropoint(),G.get_mod());; 610 for(k=0; k<t; k++){ 611 Mod_p::expo(tem,y->at(h*win+k), binary->at(j)->at(k)); 612 Mod_p::mult(prod,prod,tem); 613 } 614 temp->at(j)=prod; 615 } 616 ret->at(h)=temp; 617 618 } 619 j = binary->size(); 620 for(i=0; i<j; i++){ 621 delete binary->at(i); 622 binary->at(i)=0; 623 } 624 for (i = 0; i<e; i++){ 625 delete binary->at(i); 626 binary->at(i)= 0; 627 } 628 delete binary; 629 return ret; 630 631 } 632 633 void multi_expo::multi_expo_LL(Mod_p& ret, vector<Mod_p>* y, vector<ZZ>* e, int win){ 634 Mod_p temp; 635 ZZ mod = H.get_mod(); 636 ret = Mod_p(curve_zeropoint(),G.get_mod());; 637 unsigned int i; 638 for (i = 0; i < y->size(); i++) { 639 Mod_p::expo(temp, y->at(i), e->at(i)); 640 Mod_p::mult(ret, ret, temp); 641 } 642 // TODO to be determined whether real LL method faster... 643 } 644 645 void multi_expo::multi_expo_LL(CurvePoint& ret, vector<CurvePoint>* y, vector<ZZ>* e, int win){ 646 CurvePoint temp; 647 ZZ mod = H.get_mod(); 648 ret = curve_zeropoint(); 649 unsigned int i; 650 for (i = 0; i < y->size(); i++) { 651 PowerMod(temp, y->at(i), e->at(i), mod); 652 MulMod(ret, ret, temp, mod); 653 } 654 // TODO to be determined whether real LL method faster... 655 } 656 657 void multi_expo::multi_expo_LL(Cipher_elg& ret, Cipher_elg c1, Cipher_elg c2, Cipher_elg c3, Cipher_elg c4, vector<ZZ>* e, int win){ 658 CurvePoint ret_u, ret_v; 659 vector<CurvePoint>* c_u; 660 vector<CurvePoint>* c_v; 661 662 c_u = new vector<CurvePoint>(4); 663 c_u->at(0) = c1.get_u(); 664 c_u->at(1) = c2.get_u(); 665 c_u ->at(2) = c3.get_u(); 666 c_u->at(3) = c4.get_u(); 667 668 // c_v = new vector<CurvePoint>(4); 669 // c_v->at(0) = c1.get_v(); 670 // c_v->at(1) = c2.get_v(); 671 // c_v ->at(2) = c3.get_v(); 672 // c_v->at(3) = c4.get_v(); 673 674 multi_expo_LL(ret_u, c_u, e, win); 675 //multi_expo_LL(ret_v, c_v, e, win); 676 delete c_u; 677 //delete c_v; 678 ret = Cipher_elg(ret_u, H.get_mod()); 679 680 681 } 682 683 vector<int>* multi_expo::to_basis_sw(ZZ e, long num_b, int omega_sw){ 684 685 long i, j, t, te; 686 vector<int>* temp; 687 vector<int>* basis; 688 temp = new vector<int>(omega_sw); 689 basis = new vector<int>(num_b); 690 691 i = num_b-1; 692 while(i>=omega_sw){ 693 if (bit(e,i)==0){ 694 basis->at(i)=0; 695 i=i-1; 696 } 697 else{ 698 for(t= i-omega_sw+1; t < i+1; t++){ 699 if(bit(e,t)==1){ 700 te = i-t; 701 for(j = 0; j<= te; j++){ 702 temp->at(j)=bit(e, t+j); 703 } 704 for(j =te+1; j<omega_sw; j++){ 705 temp->at(j) =0; 706 } 707 break; 708 } 709 } 710 basis->at(t)= to_long(temp); 711 for(j = t+1; j<=i; j++){ 712 basis->at(j)=0; 713 } 714 i=t-1; 715 } 716 } 717 while(i>=0){ 718 if (bit(e,i)==0){ 719 basis->at(i)=0; 720 i=i-1; 721 } 722 else{ 723 for(t= 0; t < i+1; t++){ 724 if(bit(e,t)==1){ 725 te = i-t; 726 for(j = 0; j<= te; j++){ 727 temp->at(j)=bit(e, t+j); 728 } 729 for(j =te+1; j<omega_sw; j++){ 730 temp->at(j) =0; 731 } 732 break; 733 } 734 } 735 basis->at(t)= to_long(temp); 736 for(j = t+1; j<=i; j++){ 737 basis->at(j)=0; 738 } 739 i=t-1; 740 } 741 742 } 743 delete temp; 744 return basis; 745 } 746 747 void multi_expo::multi_expo_sw(CurvePoint& prod, ZZ e_1, ZZ e_2, int omega_sw, vector<vector<CurvePoint>* >* gen_prec){ 748 long i; 749 int t_1, t_2; 750 vector<int>* E_1; 751 vector<int>* E_2; 752 long num_b; 753 ZZ mod; 754 mod = G.get_mod(); 755 num_b = NumBits(G.get_ord()); 756 E_1 = to_basis_sw(e_1, num_b, omega_sw); 757 E_2 = to_basis_sw(e_2, num_b, omega_sw); 758 prod = curve_zeropoint(); 759 t_1 = 0; 760 t_2 = 0; 761 t_1 = (E_1->at(num_b-1)+1)/2; 762 t_2 = (E_2->at(num_b-1)+1)/2; 763 if ( t_1> 0){ 764 MulMod(prod,prod,gen_prec->at(0)->at(t_1-1),mod); 765 } 766 if ( t_2> 0){ 767 MulMod(prod,prod,gen_prec->at(1)->at(t_2-1),mod); 768 } 769 for(i = num_b-2; i>=0; i--){ 770 t_1 = (E_1->at(i)+1)/2; 771 t_2 = (E_2->at(i)+1)/2; 772 SqrMod(prod,prod, mod); 773 if ( t_1> 0){ 774 MulMod(prod,prod,gen_prec->at(0)->at(t_1-1),mod); 775 } 776 if ( t_2> 0){ 777 MulMod(prod,prod,gen_prec->at(1)->at(t_2-1),mod); 778 } 779 } 780 delete E_1; 781 delete E_2; 782 }