Revert "Modified values taken from Z_p* and Z_q with check added"

This reverts commit 871ea49.
gparrella12 · Aug 18, 2022 · f05cd72 · f05cd72
1 parent e853efe
commit f05cd72
Show file tree

Hide file tree

Showing 6 changed files with 18 additions and 138 deletions.
diff --git a/WP4/src/CryptographicTools/ElGamalHomomorphic/ElGamalKeyPair.java b/WP4/src/CryptographicTools/ElGamalHomomorphic/ElGamalKeyPair.java
@@ -4,14 +4,14 @@
 import java.security.SecureRandom;
 
 /**
- * This class contains a Key Pair of ElGamal encryption scheme. The ElGamal
- * encryption scheme has a key pair <code>(sk,pk)</code> such that:
+ * This class contains a Key Pair of ElGamal encryption scheme. 
+ * The ElGamal encryption scheme has a key pair <code>(sk,pk)</code> such that:
  * <ul>
  * <li><code>(secrete key) sk=x</code> , with <code>x</code> randomly chosen in
  * <code>Z_q</code>.</li>
- *
+ * 
  * <li><code>(public key) pk = g<sup>x</sup> mod p</code></li>
- *
+ * 
  * </ul>
  *
  * @author Ernesto
@@ -22,7 +22,8 @@ public class ElGamalKeyPair {
  private final BigInteger publicKey;
 
  /**
- * Creates an ElGamal key pair. This method uses the default parameters to
+ * Creates an ElGamal key pair. 
+ * This method uses the default parameters to
  * generate a cyclic group of order q by using an object of
  * <code>CyclicGroupParameters</code> class.
  */
@@ -35,28 +36,13 @@ public ElGamalKeyPair() {
  BigInteger g = param.getG();
 
  // Take a random value of securityParameter bit.
- // h <- Z_p*
- BigInteger h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- while(h.equals(BigInteger.ONE)){
- h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- }
- // SK = h^2 mod p (because p=2q+1), this is a group element of cyclic group of order q [pag. 322]
- this.secretKey = h.modPow(new BigInteger("2"), p);
- if (isInQSubgroup(this.secretKey, p) == 0) {
- throw new RuntimeException("Malformed ElGamal key");
- }
+ // SK <- Z_q
+ this.secretKey = new BigInteger(securityParameter, new SecureRandom()).mod(q);
+
  // PK = G^SK mod P
  this.publicKey = g.modPow(secretKey, p);
  }
 
- private static int isInQSubgroup(BigInteger x, BigInteger p) {
- // x ^ {(p-1)/2} mod p == 1 <-> x^q = 1 mod p [pag. 323]
- if (x.modPow(p.subtract(BigInteger.ONE).divide(BigInteger.TWO), p).compareTo(BigInteger.ONE) == 0) {
- return 1;
- }
- return 0;
- }
-
  /**
  * This method returns the public key value of the ElGamal pair.
  *

diff --git a/WP4/src/CryptographicTools/ElGamalHomomorphic/ExponentialElGamal.java b/WP4/src/CryptographicTools/ElGamalHomomorphic/ExponentialElGamal.java
@@ -30,16 +30,7 @@ public static ElGamalCipherText encrypt(CyclicGroupParameters param, BigInteger
  SecureRandom sc = new SecureRandom();
 
  // r <- Z_q, r randomly chosen in Z_q
- // h <- Z_p*
- BigInteger h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- while (h.equals(BigInteger.ONE)) {
- h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- }
- // r = h^2 mod p (because p=2q+1), this is a group element of cyclic group of order q [pag. 322]
- BigInteger r = h.modPow(new BigInteger("2"), p);
- if (isInQSubgroup(r, p) == 0) {
- throw new RuntimeException("Malformed randomness value");
- }
+ BigInteger r = new BigInteger(securityParameter, sc).mod(q);
 
  // u = g^r mod p 
  BigInteger u = g.modPow(r, p);
@@ -102,12 +93,4 @@ public static ElGamalCipherText aggregate(CyclicGroupParameters param, ElGamalCi
  BigInteger newV = cipherText1.getV().multiply(cipherText2.getV()).mod(p);
  return new ElGamalCipherText(newU, newV);
  }
-
- private static int isInQSubgroup(BigInteger x, BigInteger p) {
- // x ^ {(p-1)/2} mod p == 1 <-> x^q = 1 mod p [pag. 323]
- if (x.modPow(p.subtract(BigInteger.ONE).divide(BigInteger.TWO), p).compareTo(BigInteger.ONE) == 0) {
- return 1;
- }
- return 0;
- }
 }
diff --git a/WP4/src/CryptographicTools/Schnorr/NIZKP/SchnorrNIZKP.java b/WP4/src/CryptographicTools/Schnorr/NIZKP/SchnorrNIZKP.java
@@ -32,19 +32,10 @@ public static SchnorrNIProof makeProof(BigInteger x, BigInteger y, CyclicGroupPa
  BigInteger g = param.getG();
 
  // r random
- // h <- Z_p*
- BigInteger h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- while (h.equals(BigInteger.ONE)) {
- h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- }
- // r = h^2 mod p (because p=2q+1), this is a group element of cyclic group of order q [pag. 322]
- BigInteger r = h.modPow(new BigInteger("2"), p);
- if (isInQSubgroup(r, p) == 0) {
- throw new RuntimeException("Malformed C value");
- }
+ BigInteger r = new BigInteger(securityParameter, new SecureRandom());
 
  // a = g^r mod p
- BigInteger a = g.modPow(r, p);
+ BigInteger a = g.modPow(r.mod(q), p);
 
  BigInteger toHash = new BigInteger(Utils.append(y.toByteArray(), a.toByteArray()));
  BigInteger c = new BigInteger(CryptographicHash.hash(toHash.toByteArray())); // c = H(y || a), with y=g^x mod p 
@@ -95,11 +86,4 @@ public static boolean checkProof(SchnorrNIProof proof, BigInteger y, CyclicGroup
  return false;
  }
 
- private static int isInQSubgroup(BigInteger x, BigInteger p) {
- // x ^ {(p-1)/2} mod p == 1 <-> x^q = 1 mod p [pag. 323]
- if (x.modPow(p.subtract(BigInteger.ONE).divide(BigInteger.TWO), p).compareTo(BigInteger.ONE) == 0) {
- return 1;
- }
- return 0;
- }
 }
diff --git a/WP4/src/CryptographicTools/Schnorr/ZKP/Prover.java b/WP4/src/CryptographicTools/Schnorr/ZKP/Prover.java
@@ -16,7 +16,6 @@
  */
 package CryptographicTools.Schnorr.ZKP;
 
-import CryptographicTools.ElGamalHomomorphic.CyclicGroupParameters;
 import java.math.BigInteger;
 import java.security.SecureRandom;
 
@@ -48,40 +47,15 @@ public Prover(SchnorrKeyPair keys) {
  * @return a <code>BigInteger</code> representing the <code>a</code> value.
  */
  public BigInteger getA() {
- CyclicGroupParameters param = keys.getParam();
- int securityParameter = param.getSecurityParameter().intValue();
- BigInteger q = param.getQ();
- BigInteger p = param.getP();
- BigInteger g = param.getG();
-
- // Take a random value of securityParameter bit.
- // h <- Z_p*
- BigInteger h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- while (h.equals(BigInteger.ONE)) {
- h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- }
- // SK = h^2 mod p (because p=2q+1), this is a group element of cyclic group of order q [pag. 322]
- this.schnorrRandomness = h.modPow(new BigInteger("2"), p);
- if (isInQSubgroup(this.schnorrRandomness, p) == 0) {
- throw new RuntimeException("Malformed Schnorr randomness");
- }
- // return a = g^r mod p 
- return g.modPow(schnorrRandomness, p);
- }
-
- private static int isInQSubgroup(BigInteger x, BigInteger p) {
- // x ^ {(p-1)/2} mod p == 1 <-> x^q = 1 mod p [pag. 323]
- if (x.modPow(p.subtract(BigInteger.ONE).divide(BigInteger.TWO), p).compareTo(BigInteger.ONE) == 0) {
- return 1;
- }
- return 0;
+ schnorrRandomness = new BigInteger(keys.getParam().getSecurityParameter().intValue(), new SecureRandom()).mod(keys.getParam().getQ());
+ return keys.getParam().getG().modPow(schnorrRandomness, keys.getParam().getP());
  }
 
  /**
  * This method generates and returns the <code>a</code> value, that is equal
  * to r+c*x.
  *
- * @param c is the challenge from the verifier.
+ * @param c c = H(y || a), with y=g<sup>x</sup> mod p.
  * @return a <code>BigInteger</code> representing the <code>z</code> value.
  */
  public BigInteger getZ(BigInteger c) {

diff --git a/WP4/src/CryptographicTools/Schnorr/ZKP/SchnorrKeyPair.java b/WP4/src/CryptographicTools/Schnorr/ZKP/SchnorrKeyPair.java
@@ -22,32 +22,8 @@ public class SchnorrKeyPair {
  */
  public SchnorrKeyPair(CyclicGroupParameters param) {
  this.param = param;
- int securityParameter = param.getSecurityParameter().intValue();
- BigInteger q = param.getQ();
- BigInteger p = param.getP();
- BigInteger g = param.getG();
-
- // Take a random value of securityParameter bit.
- // h <- Z_p*
- BigInteger h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- while (h.equals(BigInteger.ONE)) {
- h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- }
- // SK = h^2 mod p (because p=2q+1), this is a group element of cyclic group of order q [pag. 322]
- this.x = h.modPow(new BigInteger("2"), p);
- if (isInQSubgroup(this.x, p) == 0) {
- throw new RuntimeException("Malformed Schnorr key");
- }
- // PK = G^SK mod P
- this.y = g.modPow(x, p);
- }
-
- private static int isInQSubgroup(BigInteger x, BigInteger p) {
- // x ^ {(p-1)/2} mod p == 1 <-> x^q = 1 mod p [pag. 323]
- if (x.modPow(p.subtract(BigInteger.ONE).divide(BigInteger.TWO), p).compareTo(BigInteger.ONE) == 0) {
- return 1;
- }
- return 0;
+ x = new BigInteger(param.getSecurityParameter().intValue(), new SecureRandom()).mod(param.getQ()); // choose random r
+ y = param.getG().modPow(x, param.getP());
  }
 
  /**

diff --git a/WP4/src/CryptographicTools/Schnorr/ZKP/Verifier.java b/WP4/src/CryptographicTools/Schnorr/ZKP/Verifier.java
@@ -35,30 +35,7 @@ public abstract class Verifier {
  * @return a <code>BigInteger</code> representing the <code>c</code> value.
  */
  public BigInteger getC(CyclicGroupParameters param) {
- int securityParameter = param.getSecurityParameter().intValue();
- BigInteger q = param.getQ();
- BigInteger p = param.getP();
- BigInteger g = param.getG();
- // Take a random value of securityParameter bit.
- // h <- Z_p*
- BigInteger h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- while (h.equals(BigInteger.ONE)) {
- h = new BigInteger(securityParameter, new SecureRandom()).mod(p);
- }
- // SK = h^2 mod p (because p=2q+1), this is a group element of cyclic group of order q [pag. 322]
- BigInteger ret = h.modPow(new BigInteger("2"), p);
- if (isInQSubgroup(ret, p) == 0) {
- throw new RuntimeException("Malformed C value");
- }
- return ret;
- }
-
- private static int isInQSubgroup(BigInteger x, BigInteger p) {
- // x ^ {(p-1)/2} mod p == 1 <-> x^q = 1 mod p [pag. 323]
- if (x.modPow(p.subtract(BigInteger.ONE).divide(BigInteger.TWO), p).compareTo(BigInteger.ONE) == 0) {
- return 1;
- }
- return 0;
+ return new BigInteger(param.getSecurityParameter().intValue(), new SecureRandom()).mod(param.getQ());
  }
 
  /**