- consensus and secretsharing have both start time and deadline

11 files changed, 124 insertions, 55 deletions

diff --git a/src/Makefile.am b/src/Makefile.am
index 9054c8793..fcb78c3be 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -6,7 +6,7 @@ if HAVE_TESTING
  TESTING = testing
  TESTBED = testbed
  CONSENSUS = consensus
-# SECRETSHARING = secretsharing
+ SECRETSHARING = secretsharing
  EXPERIMENTATION = experimentation
 # SCALARPRODUCT = scalarproduct
 endif
diff --git a/src/consensus/consensus.h b/src/consensus/consensus.h
index a752988fd..e8b5c6106 100644
--- a/src/consensus/consensus.h
+++ b/src/consensus/consensus.h
@@ -41,30 +41,28 @@ struct GNUNET_CONSENSUS_JoinMessage
    */
   struct GNUNET_MessageHeader header;
 
+  /**
+   * Number of peers (at the end of this message) that want to
+   * participate in the consensus.
+   */
   uint32_t num_peers GNUNET_PACKED;
 
-  struct GNUNET_HashCode session_id;
-
-  /* GNUNET_PeerIdentity[num_peers] */
-};
-
-
-struct GNUNET_CONSENSUS_ConcludeMessage
-{
   /**
-   * Type: GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_CONCLUDE
+   * Session id of the consensus.
    */
-  struct GNUNET_MessageHeader header;
+  struct GNUNET_HashCode session_id;
 
   /**
-   * Padding, must be zero.
+   * Start time for the consensus.
    */
-  uint32_t reserved GNUNET_PACKED;
+  struct GNUNET_TIME_AbsoluteNBO start;
 
   /**
-   * Deadline for conclude
+   * Deadline for conclude.
    */
   struct GNUNET_TIME_AbsoluteNBO deadline;
+
+  /* GNUNET_PeerIdentity[num_peers] */
 };
 
 
diff --git a/src/consensus/consensus_api.c b/src/consensus/consensus_api.c
index 14a1bf54e..5ebdf71e7 100644
--- a/src/consensus/consensus_api.c
+++ b/src/consensus/consensus_api.c
@@ -156,6 +156,9 @@ handle_conclude_done (void *cls,
  *              Inclusion of the local peer is optional.
  * @param session_id session identifier
  *                   Allows a group of peers to have more than consensus session.
+ * @param start start time of the consensus, conclude should be called before
+ *              the start time.
+ * @param deadline time when the consensus should have concluded
  * @param new_element_cb callback, called when a new element is added to the set by
  *                    another peer
  * @param new_element_cls closure for new_element
@@ -166,6 +169,8 @@ GNUNET_CONSENSUS_create (const struct GNUNET_CONFIGURATION_Handle *cfg,
                          unsigned int num_peers,
                          const struct GNUNET_PeerIdentity *peers,
                          const struct GNUNET_HashCode *session_id,
+                         struct GNUNET_TIME_Absolute start,
+                         struct GNUNET_TIME_Absolute deadline,
                          GNUNET_CONSENSUS_ElementCallback new_element_cb,
                          void *new_element_cls)
 {
@@ -196,6 +201,8 @@ GNUNET_CONSENSUS_create (const struct GNUNET_CONFIGURATION_Handle *cfg,
                             GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_JOIN);
 
   join_msg->session_id = consensus->session_id;
+  join_msg->start = GNUNET_TIME_absolute_hton (start);
+  join_msg->deadline = GNUNET_TIME_absolute_hton (deadline);
   join_msg->num_peers = htonl (num_peers);
   memcpy(&join_msg[1],
          peers,
@@ -266,12 +273,10 @@ GNUNET_CONSENSUS_insert (struct GNUNET_CONSENSUS_Handle *consensus,
  */
 void
 GNUNET_CONSENSUS_conclude (struct GNUNET_CONSENSUS_Handle *consensus,
-                           struct GNUNET_TIME_Absolute deadline,
                            GNUNET_CONSENSUS_ConcludeCallback conclude,
                            void *conclude_cls)
 {
   struct GNUNET_MQ_Envelope *ev;
-  struct GNUNET_CONSENSUS_ConcludeMessage *conclude_msg;
 
   GNUNET_assert (NULL != conclude);
   GNUNET_assert (NULL == consensus->conclude_cb);
@@ -279,9 +284,7 @@ GNUNET_CONSENSUS_conclude (struct GNUNET_CONSENSUS_Handle *consensus,
   consensus->conclude_cls = conclude_cls;
   consensus->conclude_cb = conclude;
 
-  ev = GNUNET_MQ_msg (conclude_msg, GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_CONCLUDE);
-  conclude_msg->deadline = GNUNET_TIME_absolute_hton (deadline);
-
+  ev = GNUNET_MQ_msg_header (GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_CONCLUDE);
   GNUNET_MQ_send (consensus->mq, ev);
 }
 
diff --git a/src/consensus/gnunet-consensus-profiler.c b/src/consensus/gnunet-consensus-profiler.c
index 272a675db..d7a14f68e 100644
--- a/src/consensus/gnunet-consensus-profiler.c
+++ b/src/consensus/gnunet-consensus-profiler.c
@@ -25,6 +25,7 @@
  */
 #include "platform.h"
 #include "gnunet_util_lib.h"
+#include "gnunet_time_lib.h"
 #include "gnunet_consensus_service.h"
 #include "gnunet_testbed_service.h"
 
@@ -56,6 +57,16 @@ static unsigned *results_for_peer;
 
 static int verbose;
 
+/**
+ * Start time for all consensuses.
+ */
+static struct GNUNET_TIME_Absolute start;
+
+/**
+ * Deadline for all consensuses.
+ */
+static struct GNUNET_TIME_Absolute deadline;
+
 
 /**
  * Signature of the event handler function called by the
@@ -172,7 +183,6 @@ do_consensus ()
 
   for (i = 0; i < num_peers; i++)
     GNUNET_CONSENSUS_conclude (consensus_handles[i],
-                               GNUNET_TIME_relative_to_absolute (conclude_timeout),
                                conclude_cb, &consensus_handles[i]);
 }
 
@@ -259,6 +269,8 @@ connect_adapter (void *cls,
   consensus = GNUNET_CONSENSUS_create (cfg,
                                        num_peers, peer_ids,
                                        &session_id,
+                                       start,
+                                       deadline,
                                        &new_element_cb, chp);
   *chp = (struct GNUNET_CONSENSUS_Handle *) consensus;
   return consensus;
@@ -396,6 +408,9 @@ run (void *cls, char *const *args, const char *cfgfile,
     return;
   }
 
+  start = GNUNET_TIME_absolute_get ();
+  deadline = GNUNET_TIME_absolute_add (start, conclude_timeout);
+
   GNUNET_log (GNUNET_ERROR_TYPE_INFO,
               "running gnunet-consensus\n");
 
diff --git a/src/consensus/gnunet-service-consensus.c b/src/consensus/gnunet-service-consensus.c
index 688190c14..ffd9786d3 100644
--- a/src/consensus/gnunet-service-consensus.c
+++ b/src/consensus/gnunet-service-consensus.c
@@ -142,6 +142,11 @@ struct ConsensusSession
   struct GNUNET_MQ_Handle *client_mq;
 
   /**
+   * Time when the conclusion of the consensus should begin.
+   */
+  struct GNUNET_TIME_Absolute conclude_start;
+
+  /**
    * Timeout for all rounds together, single rounds will schedule a timeout task
    * with a fraction of the conclude timeout.
    * Only valid once the current round is not CONSENSUS_ROUND_BEGIN.
@@ -1039,6 +1044,9 @@ initialize_session (struct ConsensusSession *session,
     other_session = other_session->next;
   }
 
+  session->conclude_deadline = GNUNET_TIME_absolute_ntoh (join_msg->deadline);
+  session->conclude_start = GNUNET_TIME_absolute_ntoh (join_msg->start);
+
   session->local_peer_idx = get_peer_idx (&my_peer, session);
   GNUNET_assert (-1 != session->local_peer_idx);
   session->element_set = GNUNET_SET_create (cfg, GNUNET_SET_OPERATION_UNION);
@@ -1168,11 +1176,8 @@ client_conclude (void *cls,
                  const struct GNUNET_MessageHeader *message)
 {
   struct ConsensusSession *session;
-  struct GNUNET_CONSENSUS_ConcludeMessage *cmsg;
-
 
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "conclude requested\n");
-  cmsg = (struct GNUNET_CONSENSUS_ConcludeMessage *) message;
   session = get_session_by_client (client);
   if (NULL == session)
   {
@@ -1194,7 +1199,6 @@ client_conclude (void *cls,
   }
   else
   {
-    session->conclude_deadline = GNUNET_TIME_absolute_ntoh (cmsg->deadline);
     /* the 'begin' round is over, start with the next, actual round */
     round_over (session, NULL);
   }
@@ -1257,7 +1261,7 @@ run (void *cls, struct GNUNET_SERVER_Handle *server,
 {
   static const struct GNUNET_SERVER_MessageHandler server_handlers[] = {
     {&client_conclude, NULL, GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_CONCLUDE,
-        sizeof (struct GNUNET_CONSENSUS_ConcludeMessage)},
+        sizeof (struct GNUNET_MessageHeader)},
     {&client_insert, NULL, GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_INSERT, 0},
     {&client_join, NULL, GNUNET_MESSAGE_TYPE_CONSENSUS_CLIENT_JOIN, 0},
     {NULL, NULL, 0, 0}
diff --git a/src/include/gnunet_consensus_service.h b/src/include/gnunet_consensus_service.h
index 3b08b2dee..ef799773f 100644
--- a/src/include/gnunet_consensus_service.h
+++ b/src/include/gnunet_consensus_service.h
@@ -72,6 +72,9 @@ struct GNUNET_CONSENSUS_Handle;
  *              Inclusion of the local peer is optional.
  * @param session_id session identifier
  *                   Allows a group of peers to have more than consensus session.
+ * @param start start time of the consensus, conclude should be called before
+ *              the start time.
+ * @param deadline time when the consensus should have concluded
  * @param new_element_cb callback, called when a new element is added to the set by
  *                    another peer. Also called when an error occurs.
  * @param new_element_cls closure for new_element
@@ -82,6 +85,8 @@ GNUNET_CONSENSUS_create (const struct GNUNET_CONFIGURATION_Handle *cfg,
                          unsigned int num_peers,
                          const struct GNUNET_PeerIdentity *peers,
                          const struct GNUNET_HashCode *session_id,
+                         struct GNUNET_TIME_Absolute start,
+                         struct GNUNET_TIME_Absolute deadline,
                          GNUNET_CONSENSUS_ElementCallback new_element_cb,
                          void *new_element_cls);
 
@@ -135,14 +140,11 @@ typedef void (*GNUNET_CONSENSUS_ConcludeCallback) (void *cls);
  * try to conclude the consensus within a given time window.
  *
  * @param consensus consensus session
- * @param deadline deadline after which the conculde callback
- *                 whill be called
  * @param conclude called when the conclusion was successful
  * @param conclude_cls closure for the conclude callback
  */
 void
 GNUNET_CONSENSUS_conclude (struct GNUNET_CONSENSUS_Handle *consensus,
-                           struct GNUNET_TIME_Absolute deadline,
                            GNUNET_CONSENSUS_ConcludeCallback conclude,
                            void *conclude_cls);
 
diff --git a/src/include/gnunet_secretsharing_service.h b/src/include/gnunet_secretsharing_service.h
index 1524c79fe..3673ca0fe 100644
--- a/src/include/gnunet_secretsharing_service.h
+++ b/src/include/gnunet_secretsharing_service.h
@@ -190,6 +190,8 @@ typedef void (*GNUNET_SECRETSHARING_DecryptCallback) (void *cls,
  * @param num_peers number of peers in 'peers'
  * @param peers array of peers that we will share secrets with, can optionally contain the local peer
  * @param session_id unique session id
+ * @param start When should all peers be available for sharing the secret?
+ *              Random number generation can take place before the start time.
  * @param deadline point in time where the session must be established; taken as hint
  *                 by underlying consensus sessions
  * @param threshold minimum number of peers that must cooperate to decrypt a value
@@ -201,6 +203,7 @@ GNUNET_SECRETSHARING_create_session (const struct GNUNET_CONFIGURATION_Handle *c
                                      unsigned int num_peers,
                                      const struct GNUNET_PeerIdentity *peers,
                                      const struct GNUNET_HashCode *session_id,
+                                     struct GNUNET_TIME_Absolute start,
                                      struct GNUNET_TIME_Absolute deadline,
                                      unsigned int threshold,
                                      GNUNET_SECRETSHARING_SecretReadyCallback cb,
@@ -247,6 +250,7 @@ GNUNET_SECRETSHARING_encrypt (const struct GNUNET_SECRETSHARING_PublicKey *publi
  * @param share our secret share to use for decryption
  * @param ciphertext ciphertext to publish in order to decrypt it (if enough peers agree)
  * @param decrypt_cb callback called once the decryption succeeded
+ * @param start By when should the cooperation for decryption start?
  * @param deadline By when should the decryption be finished?
  * @param decrypt_cb_cls closure for @a decrypt_cb
  * @return handle to cancel the operation
@@ -255,6 +259,7 @@ struct GNUNET_SECRETSHARING_DecryptionHandle *
 GNUNET_SECRETSHARING_decrypt (const struct GNUNET_CONFIGURATION_Handle *cfg,
                               struct GNUNET_SECRETSHARING_Share *share,
                               const struct GNUNET_SECRETSHARING_Ciphertext *ciphertext,
+                              struct GNUNET_TIME_Absolute start,
                               struct GNUNET_TIME_Absolute deadline,
                               GNUNET_SECRETSHARING_DecryptCallback decrypt_cb,
                               void *decrypt_cb_cls);
diff --git a/src/secretsharing/gnunet-secretsharing-profiler.c b/src/secretsharing/gnunet-secretsharing-profiler.c
index b718e8a27..712203c33 100644
--- a/src/secretsharing/gnunet-secretsharing-profiler.c
+++ b/src/secretsharing/gnunet-secretsharing-profiler.c
@@ -49,6 +49,11 @@ static unsigned int decrypt = GNUNET_NO;
 static struct GNUNET_TIME_Relative timeout;
 
 /**
+ * When should dkg communication start?
+ */
+static struct GNUNET_TIME_Relative delay;
+
+/**
  * Handles for secretsharing sessions.
  */
 static struct GNUNET_SECRETSHARING_Session **session_handles;
@@ -85,9 +90,18 @@ static struct GNUNET_HashCode session_id;
 
 static int verbose;
 
-struct GNUNET_SECRETSHARING_Plaintext reference_plaintext;
+static struct GNUNET_SECRETSHARING_Plaintext reference_plaintext;
+
+static struct GNUNET_SECRETSHARING_Ciphertext ciphertext;
+
+static struct GNUNET_TIME_Absolute dkg_start;
+
+static struct GNUNET_TIME_Absolute dkg_deadline;
 
-struct GNUNET_SECRETSHARING_Ciphertext ciphertext;
+
+static struct GNUNET_TIME_Absolute decrypt_start;
+
+static struct GNUNET_TIME_Absolute decrypt_deadline;
 
 
 /**
@@ -236,7 +250,7 @@ decrypt_connect_adapter (void *cls,
               "decrypt connect adapter, %d peers\n",
               num_peers);
   *hp = GNUNET_SECRETSHARING_decrypt (cfg, shares[n], &ciphertext,
-                                      GNUNET_TIME_relative_to_absolute (GNUNET_TIME_UNIT_MINUTES),
+                                      decrypt_start, decrypt_deadline,
                                       decrypt_cb,
                                       hp);
 
@@ -315,6 +329,10 @@ secret_ready_cb (void *cls,
       return;
     }
 
+    decrypt_start = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get (), delay);
+    decrypt_deadline = GNUNET_TIME_absolute_add (decrypt_start, timeout);
+
+
     // compute g^42
     GNUNET_SECRETSHARING_plaintext_generate_i (&reference_plaintext, 42);
     GNUNET_SECRETSHARING_encrypt (&common_pubkey, &reference_plaintext, &ciphertext);
@@ -350,7 +368,8 @@ session_connect_adapter (void *cls,
                                              num_peers,
                                              peer_ids,
                                              &session_id,
-                                             GNUNET_TIME_relative_to_absolute (timeout),
+                                             dkg_start,
+                                             dkg_deadline,
                                              threshold,
                                              &secret_ready_cb, sp);
   return *sp;
@@ -471,6 +490,9 @@ run (void *cls, char *const *args, const char *cfgfile,
   char *topology;
   int topology_cmp_result;
 
+  dkg_start = GNUNET_TIME_absolute_add (GNUNET_TIME_absolute_get (), delay);
+  dkg_deadline = GNUNET_TIME_absolute_add (dkg_start, timeout);
+
   if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_string (cfg, "testbed", "OVERLAY_TOPOLOGY", &topology))
   {
     fprintf (stderr,
@@ -513,6 +535,9 @@ main (int argc, char **argv)
       { 'n', "num-peers", NULL,
         gettext_noop ("number of peers in consensus"),
         GNUNET_YES, &GNUNET_GETOPT_set_uint, &num_peers },
+      { 'D', "delay", NULL,
+        gettext_noop ("dkg start delay"),
+        GNUNET_YES, &GNUNET_GETOPT_set_relative_time, &delay },
       { 't', "timeout", NULL,
         gettext_noop ("dkg timeout"),
         GNUNET_YES, &GNUNET_GETOPT_set_relative_time, &timeout },
@@ -527,7 +552,8 @@ main (int argc, char **argv)
         GNUNET_NO, &GNUNET_GETOPT_set_one, &verbose },
       GNUNET_GETOPT_OPTION_END
   };
-  timeout = GNUNET_TIME_UNIT_SECONDS;
+  delay = GNUNET_TIME_UNIT_ZERO;
+  timeout = GNUNET_TIME_UNIT_MINUTES;
   GNUNET_PROGRAM_run2 (argc, argv, "gnunet-secretsharing-profiler",
                       "help",
                       options, &run, NULL, GNUNET_YES);
diff --git a/src/secretsharing/gnunet-service-secretsharing.c b/src/secretsharing/gnunet-service-secretsharing.c
index 4af5124ca..9c8c44264 100644
--- a/src/secretsharing/gnunet-service-secretsharing.c
+++ b/src/secretsharing/gnunet-service-secretsharing.c
@@ -238,6 +238,11 @@ struct DecryptSession
   struct GNUNET_MQ_Handle *client_mq;
 
   /**
+   * When should we start communicating for decryption?
+   */
+  struct GNUNET_TIME_Absolute start;
+
+  /**
    * When would we like the ciphertext to be
    * decrypted?
    */
@@ -814,8 +819,8 @@ insert_round2_element (struct KeygenSession *ks)
 
   element_size = (sizeof (struct GNUNET_SECRETSHARING_KeygenRevealData) +
                   GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers +
-                  GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold +
-                  GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->num_peers);
+                  sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers +
+                  GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold);
 
   element = GNUNET_malloc (sizeof (struct GNUNET_SET_Element) + element_size);
   element->size = element_size;
@@ -857,13 +862,11 @@ insert_round2_element (struct KeygenSession *ks)
     memset (ciphertext, 0, sizeof *ciphertext);
     if (GNUNET_YES == ks->info[i].round1_valid)
     {
-      struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
       gcry_mpi_set_ui (idx, i + 1);
       // evaluate the polynomial
       horner_eval (v, ks->presecret_polynomial, ks->threshold, idx, elgamal_q);
-      GNUNET_CRYPTO_mpi_print_unsigned (&plaintext, sizeof plaintext, v);
       // encrypt the result
-      GNUNET_CRYPTO_paillier_encrypt (&ks->info[i].paillier_public_key, &plaintext, ciphertext);
+      GNUNET_CRYPTO_paillier_encrypt (&ks->info[i].paillier_public_key, v, ciphertext);
     }
     pos += sizeof *ciphertext;
   }
@@ -904,7 +907,6 @@ keygen_round2_new_element (void *cls,
   const struct GNUNET_SECRETSHARING_KeygenRevealData *d;
   struct KeygenPeerInfo *info;
   unsigned char *pos;
-  struct GNUNET_CRYPTO_PaillierPlaintext plaintext;
   size_t expected_element_size;
 
   if (NULL == element)
@@ -915,7 +917,7 @@ keygen_round2_new_element (void *cls,
 
   expected_element_size = (sizeof (struct GNUNET_SECRETSHARING_KeygenRevealData) +
                   GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers +
-                  GNUNET_CRYPTO_PAILLIER_BITS / 8 * 2 * ks->num_peers +
+                  sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers +
                   GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->threshold);
 
   if (element->size != expected_element_size)
@@ -960,7 +962,7 @@ keygen_round2_new_element (void *cls,
   // skip exponentiated pre-shares
   pos += GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers;
   // skip encrypted pre-shares
-  pos += GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->num_peers;
+  pos += sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->num_peers;
   // the first exponentiated coefficient is the public key share
   GNUNET_CRYPTO_mpi_scan_unsigned (&info->public_key_share, pos, GNUNET_SECRETSHARING_ELGAMAL_BITS / 8);
 
@@ -968,12 +970,11 @@ keygen_round2_new_element (void *cls,
   // skip exp. pre-shares
   pos += GNUNET_SECRETSHARING_ELGAMAL_BITS / 8 * ks->num_peers;
   // skip to the encrypted value for our peer
-  pos += GNUNET_CRYPTO_PAILLIER_BITS * 2 / 8 * ks->local_peer_idx;
+  pos += sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * ks->local_peer_idx;
 
+  GNUNET_assert (NULL != (info->decrypted_preshare = gcry_mpi_new (0)));
   GNUNET_CRYPTO_paillier_decrypt (&ks->paillier_private_key, &ks->info[ks->local_peer_idx].paillier_public_key,
-                                  (struct GNUNET_CRYPTO_PaillierCiphertext *) pos, &plaintext);
-  GNUNET_CRYPTO_mpi_scan_unsigned (&info->decrypted_preshare, &plaintext,
-                                   sizeof plaintext);
+                                  (struct GNUNET_CRYPTO_PaillierCiphertext *) pos, info->decrypted_preshare);
 
   // TODO: validate zero knowledge proofs
 
@@ -1009,13 +1010,13 @@ keygen_round1_conclude (void *cls)
   GNUNET_CONSENSUS_destroy (ks->consensus);
 
   ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers, &ks->session_id,
+                                           time_between (ks->start_time, ks->deadline, 1, 2),
+                                           ks->deadline,
                                            keygen_round2_new_element, ks);
 
   insert_round2_element (ks);
 
   GNUNET_CONSENSUS_conclude (ks->consensus,
-                             /* last round, thus conclude at DKG deadline */
-                             ks->deadline,
                              keygen_round2_conclude,
                              ks);
 }
@@ -1104,6 +1105,8 @@ static void handle_client_keygen (void *cls,
 
   GNUNET_log (GNUNET_ERROR_TYPE_INFO, "first round of consensus with %u peers\n", ks->num_peers);
   ks->consensus = GNUNET_CONSENSUS_create (cfg, ks->num_peers, ks->peers, &msg->session_id,
+                                           GNUNET_TIME_absolute_ntoh (msg->start),
+                                           GNUNET_TIME_absolute_ntoh (msg->deadline),
                                            keygen_round1_new_element, ks);
 
   ks->info = GNUNET_new_array (ks->num_peers, struct KeygenPeerInfo);
@@ -1125,8 +1128,6 @@ static void handle_client_keygen (void *cls,
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "P%u: Concluding for round 1\n", ks->local_peer_idx);
 
   GNUNET_CONSENSUS_conclude (ks->consensus,
-                             /* half the overall time */
-                             time_between (ks->start_time, ks->deadline, 1, 2),
                              keygen_round1_conclude,
                              ks);
 
@@ -1259,6 +1260,9 @@ insert_decrypt_element (struct DecryptSession *ds)
   gcry_mpi_t x;
   gcry_mpi_t s;
 
+  /* make vagrind happy until we implement the real deal ... */
+  memset (&d, 0, sizeof d);
+
   GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, "P%u: Inserting decrypt element\n",
               ds->share->my_peer);
 
@@ -1273,11 +1277,6 @@ insert_decrypt_element (struct DecryptSession *ds)
   element.size = sizeof (struct GNUNET_SECRETSHARING_DecryptData);
   element.type = 0;
 
-  /* make vagrind happy until we implement the real deal ... */
-  memset (&d.nizk_commit1, 0, sizeof d.nizk_commit1);
-  memset (&d.nizk_commit2, 0, sizeof d.nizk_commit2);
-  memset (&d.nizk_response, 0, sizeof d.nizk_response);
-
   d.ciphertext = ds->ciphertext;
   d.peer = my_peer;
   d.purpose.size = htonl (element.size - offsetof (struct GNUNET_SECRETSHARING_DecryptData, purpose));
@@ -1317,6 +1316,7 @@ static void handle_client_decrypt (void *cls,
   GNUNET_CONTAINER_DLL_insert (decrypt_sessions_head, decrypt_sessions_tail, ds);
   ds->client = client;
   ds->client_mq = GNUNET_MQ_queue_for_server_client (client);
+  ds->start = GNUNET_TIME_absolute_ntoh (msg->start);
   ds->deadline = GNUNET_TIME_absolute_ntoh (msg->deadline);
   ds->ciphertext = msg->ciphertext;
 
@@ -1331,6 +1331,8 @@ static void handle_client_decrypt (void *cls,
                                            ds->share->num_peers,
                                            ds->share->peers,
                                            &session_id,
+                                           ds->start,
+                                           ds->deadline,
                                            &decrypt_new_element,
                                            ds);
 
@@ -1344,7 +1346,7 @@ static void handle_client_decrypt (void *cls,
 
   insert_decrypt_element (ds);
 
-  GNUNET_CONSENSUS_conclude (ds->consensus, ds->deadline, decrypt_conclude, ds);
+  GNUNET_CONSENSUS_conclude (ds->consensus, decrypt_conclude, ds);
 
   GNUNET_SERVER_receive_done (client, GNUNET_OK);
 
diff --git a/src/secretsharing/secretsharing.h b/src/secretsharing/secretsharing.h
index e94ff46b7..796feabae 100644
--- a/src/secretsharing/secretsharing.h
+++ b/src/secretsharing/secretsharing.h
@@ -57,6 +57,11 @@ struct GNUNET_SECRETSHARING_CreateMessage
   struct GNUNET_HashCode session_id GNUNET_PACKED;
 
   /**
+   * Start time for communication with the other peers.
+   */
+  struct GNUNET_TIME_AbsoluteNBO start;
+
+  /**
    * Deadline for the establishment of the crypto system.
    */
   struct GNUNET_TIME_AbsoluteNBO deadline;
@@ -131,6 +136,11 @@ struct GNUNET_SECRETSHARING_DecryptRequestMessage
   struct GNUNET_MessageHeader header;
 
   /**
+   * Until when should the decryption start?
+   */
+  struct GNUNET_TIME_AbsoluteNBO start;
+
+  /**
    * Until when should the decryption be finished?
    */
   struct GNUNET_TIME_AbsoluteNBO deadline;
diff --git a/src/secretsharing/secretsharing_api.c b/src/secretsharing/secretsharing_api.c
index 1489a5c45..d46d24e9d 100644
--- a/src/secretsharing/secretsharing_api.c
+++ b/src/secretsharing/secretsharing_api.c
@@ -174,6 +174,7 @@ GNUNET_SECRETSHARING_create_session (const struct GNUNET_CONFIGURATION_Handle *c
                                      unsigned int num_peers,
                                      const struct GNUNET_PeerIdentity *peers,
                                      const struct GNUNET_HashCode *session_id,
+                                     struct GNUNET_TIME_Absolute start,
                                      struct GNUNET_TIME_Absolute deadline,
                                      unsigned int threshold,
                                      GNUNET_SECRETSHARING_SecretReadyCallback cb,
@@ -205,6 +206,7 @@ GNUNET_SECRETSHARING_create_session (const struct GNUNET_CONFIGURATION_Handle *c
   msg->threshold = htons (threshold);
   msg->num_peers = htons (num_peers);
   msg->session_id = *session_id;
+  msg->start = GNUNET_TIME_absolute_hton (start);
   msg->deadline = GNUNET_TIME_absolute_hton (deadline);
   memcpy (&msg[1], peers, num_peers * sizeof (struct GNUNET_PeerIdentity));
 
@@ -253,6 +255,7 @@ struct GNUNET_SECRETSHARING_DecryptionHandle *
 GNUNET_SECRETSHARING_decrypt (const struct GNUNET_CONFIGURATION_Handle *cfg,
                               struct GNUNET_SECRETSHARING_Share *share,
                               const struct GNUNET_SECRETSHARING_Ciphertext *ciphertext,
+                              struct GNUNET_TIME_Absolute start,
                               struct GNUNET_TIME_Absolute deadline,
                               GNUNET_SECRETSHARING_DecryptCallback decrypt_cb,
                               void *decrypt_cb_cls)
@@ -285,6 +288,7 @@ GNUNET_SECRETSHARING_decrypt (const struct GNUNET_CONFIGURATION_Handle *cfg,
 
   GNUNET_assert (GNUNET_OK == GNUNET_SECRETSHARING_share_write (share, &msg[1], share_size, NULL));
 
+  msg->start = GNUNET_TIME_absolute_hton (start);
   msg->deadline = GNUNET_TIME_absolute_hton (deadline);
   msg->ciphertext = *ciphertext;