aboutsummaryrefslogtreecommitdiff
path: root/src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c')
-rw-r--r--src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c474
1 files changed, 116 insertions, 358 deletions
diff --git a/src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c b/src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c
index 565cc3104..773682234 100644
--- a/src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c
+++ b/src/scalarproduct/gnunet-service-scalarproduct-ecc_alice.c
@@ -1,6 +1,6 @@
1/* 1/*
2 This file is part of GNUnet. 2 This file is part of GNUnet.
3 Copyright (C) 2013, 2014 Christian Grothoff (and other contributing authors) 3 Copyright (C) 2013-2015 Christian Grothoff (and other contributing authors)
4 4
5 GNUnet is free software; you can redistribute it and/or modify 5 GNUnet is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published 6 it under the terms of the GNU General Public License as published
@@ -18,7 +18,7 @@
18 Boston, MA 02110-1301, USA. 18 Boston, MA 02110-1301, USA.
19 */ 19 */
20/** 20/**
21 * @file scalarproduct/gnunet-service-scalarproduct_alice.c 21 * @file scalarproduct/gnunet-service-scalarproduct-ecc_alice.c
22 * @brief scalarproduct service implementation 22 * @brief scalarproduct service implementation
23 * @author Christian M. Fuchs 23 * @author Christian M. Fuchs
24 * @author Christian Grothoff 24 * @author Christian Grothoff
@@ -34,11 +34,17 @@
34#include "gnunet_scalarproduct_service.h" 34#include "gnunet_scalarproduct_service.h"
35#include "gnunet_set_service.h" 35#include "gnunet_set_service.h"
36#include "scalarproduct.h" 36#include "scalarproduct.h"
37#include "gnunet-service-scalarproduct.h" 37#include "gnunet-service-scalarproduct-ecc.h"
38 38
39#define LOG(kind,...) GNUNET_log_from (kind, "scalarproduct-alice", __VA_ARGS__) 39#define LOG(kind,...) GNUNET_log_from (kind, "scalarproduct-alice", __VA_ARGS__)
40 40
41/** 41/**
42 * Maximum allowed result value for the scalarproduct computation.
43 * DLOG will fail if the result is bigger.
44 */
45#define MAX_RESULT (1024 * 1024)
46
47/**
42 * An encrypted element key-value pair. 48 * An encrypted element key-value pair.
43 */ 49 */
44struct MpiElement 50struct MpiElement
@@ -51,9 +57,15 @@ struct MpiElement
51 const struct GNUNET_HashCode *key; 57 const struct GNUNET_HashCode *key;
52 58
53 /** 59 /**
54 * Value represented (a). 60 * a_i value, not disclosed to Bob.
55 */ 61 */
56 gcry_mpi_t value; 62 gcry_mpi_t value;
63
64 /**
65 * r_i value, chosen at random, not disclosed to Bob.
66 */
67 gcry_mpi_t r_i;
68
57}; 69};
58 70
59 71
@@ -123,26 +135,6 @@ struct AliceServiceSession
123 struct MpiElement *sorted_elements; 135 struct MpiElement *sorted_elements;
124 136
125 /** 137 /**
126 * Bob's permutation p of R
127 */
128 struct GNUNET_CRYPTO_PaillierCiphertext *r;
129
130 /**
131 * Bob's permutation q of R
132 */
133 struct GNUNET_CRYPTO_PaillierCiphertext *r_prime;
134
135 /**
136 * Bob's "s"
137 */
138 struct GNUNET_CRYPTO_PaillierCiphertext s;
139
140 /**
141 * Bob's "s'"
142 */
143 struct GNUNET_CRYPTO_PaillierCiphertext s_prime;
144
145 /**
146 * The computed scalar 138 * The computed scalar
147 */ 139 */
148 gcry_mpi_t product; 140 gcry_mpi_t product;
@@ -167,12 +159,6 @@ struct AliceServiceSession
167 uint32_t client_received_element_count; 159 uint32_t client_received_element_count;
168 160
169 /** 161 /**
170 * Already transferred elements from Bob to us.
171 * Less or equal than @e total.
172 */
173 uint32_t cadet_received_element_count;
174
175 /**
176 * State of this session. In 162 * State of this session. In
177 * #GNUNET_SCALARPRODUCT_STATUS_ACTIVE while operation is 163 * #GNUNET_SCALARPRODUCT_STATUS_ACTIVE while operation is
178 * ongoing, afterwards in #GNUNET_SCALARPRODUCT_STATUS_SUCCESS or 164 * ongoing, afterwards in #GNUNET_SCALARPRODUCT_STATUS_SUCCESS or
@@ -195,19 +181,19 @@ struct AliceServiceSession
195static const struct GNUNET_CONFIGURATION_Handle *cfg; 181static const struct GNUNET_CONFIGURATION_Handle *cfg;
196 182
197/** 183/**
198 * Service's own public key 184 * Context for DLOG operations on a curve.
199 */ 185 */
200static struct GNUNET_CRYPTO_PaillierPublicKey my_pubkey; 186static struct GNUNET_CRYPTO_EccDlogContext *edc;
201 187
202/** 188/**
203 * Service's own private key 189 * Alice's private key ('a').
204 */ 190 */
205static struct GNUNET_CRYPTO_PaillierPrivateKey my_privkey; 191static gcry_mpi_t my_privkey;
206 192
207/** 193/**
208 * Service's offset for values that could possibly be negative but are plaintext for encryption. 194 * Inverse of Alice's private key ('a_inv').
209 */ 195 */
210static gcry_mpi_t my_offset; 196static gcry_mpi_t my_privkey_inv;
211 197
212/** 198/**
213 * Handle to the CADET service. 199 * Handle to the CADET service.
@@ -300,16 +286,6 @@ destroy_service_session (struct AliceServiceSession *s)
300 GNUNET_free (s->sorted_elements); 286 GNUNET_free (s->sorted_elements);
301 s->sorted_elements = NULL; 287 s->sorted_elements = NULL;
302 } 288 }
303 if (NULL != s->r)
304 {
305 GNUNET_free (s->r);
306 s->r = NULL;
307 }
308 if (NULL != s->r_prime)
309 {
310 GNUNET_free (s->r_prime);
311 s->r_prime = NULL;
312 }
313 if (NULL != s->product) 289 if (NULL != s->product)
314 { 290 {
315 gcry_mpi_release (s->product); 291 gcry_mpi_release (s->product);
@@ -463,248 +439,41 @@ cb_channel_destruction (void *cls,
463 439
464 440
465/** 441/**
466 * Computes the square sum over a vector of a given length.
467 *
468 * @param vector the vector to compute over
469 * @param length the length of the vector
470 * @return an MPI value containing the calculated sum, never NULL
471 */
472static gcry_mpi_t
473compute_square_sum_mpi_elements (const struct MpiElement *vector,
474 uint32_t length)
475{
476 gcry_mpi_t elem;
477 gcry_mpi_t sum;
478 uint32_t i;
479
480 GNUNET_assert (NULL != (sum = gcry_mpi_new (0)));
481 GNUNET_assert (NULL != (elem = gcry_mpi_new (0)));
482 for (i = 0; i < length; i++)
483 {
484 gcry_mpi_mul (elem, vector[i].value, vector[i].value);
485 gcry_mpi_add (sum, sum, elem);
486 }
487 gcry_mpi_release (elem);
488 return sum;
489}
490
491
492/**
493 * Computes the square sum over a vector of a given length.
494 *
495 * @param vector the vector to compute over
496 * @param length the length of the vector
497 * @return an MPI value containing the calculated sum, never NULL
498 */
499static gcry_mpi_t
500compute_square_sum (const gcry_mpi_t *vector,
501 uint32_t length)
502{
503 gcry_mpi_t elem;
504 gcry_mpi_t sum;
505 uint32_t i;
506
507 GNUNET_assert (NULL != (sum = gcry_mpi_new (0)));
508 GNUNET_assert (NULL != (elem = gcry_mpi_new (0)));
509 for (i = 0; i < length; i++)
510 {
511 gcry_mpi_mul (elem, vector[i], vector[i]);
512 gcry_mpi_add (sum, sum, elem);
513 }
514 gcry_mpi_release (elem);
515 return sum;
516}
517
518
519/**
520 * Compute our scalar product, done by Alice 442 * Compute our scalar product, done by Alice
521 * 443 *
522 * @param session the session associated with this computation 444 * @param session the session associated with this computation
445 * @param prod_g_i_b_i value from Bob
446 * @param prod_h_i_b_i value from Bob
523 * @return product as MPI, never NULL 447 * @return product as MPI, never NULL
524 */ 448 */
525static gcry_mpi_t 449static gcry_mpi_t
526compute_scalar_product (struct AliceServiceSession *session) 450compute_scalar_product (struct AliceServiceSession *session,
451 gcry_mpi_point_t prod_g_i_b_i,
452 gcry_mpi_point_t prod_h_i_b_i)
527{ 453{
528 uint32_t count; 454 gcry_mpi_point_t g_i_b_i_a_inv;
529 gcry_mpi_t t; 455 gcry_mpi_point_t g_ai_bi;
530 gcry_mpi_t u; 456 int ai_bi;
531 gcry_mpi_t u_prime; 457 gcry_mpi_t ret;
532 gcry_mpi_t p; 458
533 gcry_mpi_t p_prime; 459 g_i_b_i_a_inv = GNUNET_CRYPTO_ecc_pmul_mpi (edc,
534 gcry_mpi_t tmp; 460 prod_g_i_b_i,
535 gcry_mpi_t r[session->used_element_count]; 461 my_privkey_inv);
536 gcry_mpi_t r_prime[session->used_element_count]; 462 g_ai_bi = GNUNET_CRYPTO_ecc_add (edc,
537 gcry_mpi_t s; 463 g_i_b_i_a_inv,
538 gcry_mpi_t s_prime; 464 prod_h_i_b_i);
539 unsigned int i; 465 gcry_mpi_point_release (g_i_b_i_a_inv);
540 466 ai_bi = GNUNET_CRYPTO_ecc_dlog (edc,
541 count = session->used_element_count; 467 g_ai_bi);
542 // due to the introduced static offset S, we now also have to remove this 468 gcry_mpi_point_release (g_ai_bi);
543 // from the E(a_pi)(+)E(-b_pi-r_pi) and E(a_qi)(+)E(-r_qi) twice each, 469 if (MAX_RESULT == ai_bi)
544 // the result is E((S + a_pi) + (S -b_pi-r_pi)) and E(S + a_qi + S - r_qi)
545 for (i = 0; i < count; i++)
546 { 470 {
547 r[i] = gcry_mpi_new (0); 471 /* result too big */
548 GNUNET_CRYPTO_paillier_decrypt (&my_privkey, 472 return NULL;
549 &my_pubkey,
550 &session->r[i],
551 r[i]);
552 gcry_mpi_sub (r[i],
553 r[i],
554 my_offset);
555 gcry_mpi_sub (r[i],
556 r[i],
557 my_offset);
558 r_prime[i] = gcry_mpi_new (0);
559 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
560 &my_pubkey,
561 &session->r_prime[i],
562 r_prime[i]);
563 gcry_mpi_sub (r_prime[i],
564 r_prime[i],
565 my_offset);
566 gcry_mpi_sub (r_prime[i],
567 r_prime[i],
568 my_offset);
569 } 473 }
570 474 ret = gcry_mpi_new (0);
571 // calculate t = sum(ai) 475 gcry_mpi_set_ui (ret, ai_bi);
572 t = compute_square_sum_mpi_elements (session->sorted_elements, 476 return ret;
573 count);
574 // calculate U
575 u = gcry_mpi_new (0);
576 tmp = compute_square_sum (r, count);
577 gcry_mpi_sub (u, u, tmp);
578 gcry_mpi_release (tmp);
579
580 //calculate U'
581 u_prime = gcry_mpi_new (0);
582 tmp = compute_square_sum (r_prime, count);
583 gcry_mpi_sub (u_prime, u_prime, tmp);
584
585 GNUNET_assert (p = gcry_mpi_new (0));
586 GNUNET_assert (p_prime = gcry_mpi_new (0));
587 GNUNET_assert (s = gcry_mpi_new (0));
588 GNUNET_assert (s_prime = gcry_mpi_new (0));
589
590 // compute P
591 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
592 &my_pubkey,
593 &session->s,
594 s);
595 GNUNET_CRYPTO_paillier_decrypt (&my_privkey,
596 &my_pubkey,
597 &session->s_prime,
598 s_prime);
599
600 // compute P
601 gcry_mpi_add (p, s, t);
602 gcry_mpi_add (p, p, u);
603
604 // compute P'
605 gcry_mpi_add (p_prime, s_prime, t);
606 gcry_mpi_add (p_prime, p_prime, u_prime);
607
608 gcry_mpi_release (t);
609 gcry_mpi_release (u);
610 gcry_mpi_release (u_prime);
611 gcry_mpi_release (s);
612 gcry_mpi_release (s_prime);
613
614 // compute product
615 gcry_mpi_sub (p, p, p_prime);
616 gcry_mpi_release (p_prime);
617 tmp = gcry_mpi_set_ui (tmp, 2);
618 gcry_mpi_div (p, NULL, p, tmp, 0);
619
620 gcry_mpi_release (tmp);
621 for (i = 0; i < count; i++)
622 {
623 gcry_mpi_release (session->sorted_elements[i].value);
624 gcry_mpi_release (r[i]);
625 gcry_mpi_release (r_prime[i]);
626 }
627 GNUNET_free (session->sorted_elements);
628 session->sorted_elements = NULL;
629 GNUNET_free (session->r);
630 session->r = NULL;
631 GNUNET_free (session->r_prime);
632 session->r_prime = NULL;
633
634 return p;
635}
636
637
638/**
639 * Handle a multipart chunk of a response we got from another service
640 * we wanted to calculate a scalarproduct with.
641 *
642 * @param cls closure (set from #GNUNET_CADET_connect)
643 * @param channel connection to the other end
644 * @param channel_ctx place to store local state associated with the @a channel
645 * @param message the actual message
646 * @return #GNUNET_OK to keep the connection open,
647 * #GNUNET_SYSERR to close it (signal serious error)
648 */
649static int
650handle_bobs_cryptodata_multipart (void *cls,
651 struct GNUNET_CADET_Channel *channel,
652 void **channel_ctx,
653 const struct GNUNET_MessageHeader *message)
654{
655 struct AliceServiceSession *s = *channel_ctx;
656 const struct BobCryptodataMultipartMessage *msg;
657 const struct GNUNET_CRYPTO_PaillierCiphertext *payload;
658 size_t i;
659 uint32_t contained;
660 size_t msg_size;
661 size_t required_size;
662
663 if (NULL == s)
664 {
665 GNUNET_break_op (0);
666 return GNUNET_SYSERR;
667 }
668 msg_size = ntohs (message->size);
669 if (sizeof (struct BobCryptodataMultipartMessage) > msg_size)
670 {
671 GNUNET_break_op (0);
672 return GNUNET_SYSERR;
673 }
674 msg = (const struct BobCryptodataMultipartMessage *) message;
675 contained = ntohl (msg->contained_element_count);
676 required_size = sizeof (struct BobCryptodataMultipartMessage)
677 + 2 * contained * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext);
678 if ( (required_size != msg_size) ||
679 (s->cadet_received_element_count + contained > s->used_element_count) )
680 {
681 GNUNET_break (0);
682 return GNUNET_SYSERR;
683 }
684
685 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
686 "Received %u additional crypto values from Bob\n",
687 (unsigned int) contained);
688
689 payload = (const struct GNUNET_CRYPTO_PaillierCiphertext *) &msg[1];
690 /* Convert each k[][perm] to its MPI_value */
691 for (i = 0; i < contained; i++)
692 {
693 memcpy (&s->r[s->cadet_received_element_count + i],
694 &payload[2 * i],
695 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
696 memcpy (&s->r_prime[s->cadet_received_element_count + i],
697 &payload[2 * i],
698 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
699 }
700 s->cadet_received_element_count += contained;
701 GNUNET_CADET_receive_done (s->channel);
702 if (s->cadet_received_element_count != s->used_element_count)
703 return GNUNET_OK;
704
705 s->product = compute_scalar_product (s);
706 transmit_client_response (s);
707 return GNUNET_OK;
708} 477}
709 478
710 479
@@ -726,12 +495,11 @@ handle_bobs_cryptodata_message (void *cls,
726 const struct GNUNET_MessageHeader *message) 495 const struct GNUNET_MessageHeader *message)
727{ 496{
728 struct AliceServiceSession *s = *channel_ctx; 497 struct AliceServiceSession *s = *channel_ctx;
729 const struct BobCryptodataMessage *msg; 498 const struct EccBobCryptodataMessage *msg;
730 const struct GNUNET_CRYPTO_PaillierCiphertext *payload;
731 uint32_t i;
732 uint32_t contained; 499 uint32_t contained;
733 uint16_t msg_size; 500 uint16_t msg_size;
734 size_t required_size; 501 gcry_mpi_point_t prod_g_i_b_i;
502 gcry_mpi_point_t prod_h_i_b_i;
735 503
736 if (NULL == s) 504 if (NULL == s)
737 { 505 {
@@ -739,19 +507,14 @@ handle_bobs_cryptodata_message (void *cls,
739 return GNUNET_SYSERR; 507 return GNUNET_SYSERR;
740 } 508 }
741 msg_size = ntohs (message->size); 509 msg_size = ntohs (message->size);
742 if (sizeof (struct BobCryptodataMessage) > msg_size) 510 if (sizeof (struct EccBobCryptodataMessage) > msg_size)
743 { 511 {
744 GNUNET_break_op (0); 512 GNUNET_break_op (0);
745 return GNUNET_SYSERR; 513 return GNUNET_SYSERR;
746 } 514 }
747 msg = (const struct BobCryptodataMessage *) message; 515 msg = (const struct EccBobCryptodataMessage *) message;
748 contained = ntohl (msg->contained_element_count); 516 contained = ntohl (msg->contained_element_count);
749 required_size = sizeof (struct BobCryptodataMessage) 517 if (2 != contained)
750 + 2 * contained * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext)
751 + 2 * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext);
752 if ( (msg_size != required_size) ||
753 (contained > UINT16_MAX) ||
754 (s->used_element_count < contained) )
755 { 518 {
756 GNUNET_break_op (0); 519 GNUNET_break_op (0);
757 return GNUNET_SYSERR; 520 return GNUNET_SYSERR;
@@ -771,37 +534,16 @@ handle_bobs_cryptodata_message (void *cls,
771 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 534 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
772 "Received %u crypto values from Bob\n", 535 "Received %u crypto values from Bob\n",
773 (unsigned int) contained); 536 (unsigned int) contained);
774
775 payload = (const struct GNUNET_CRYPTO_PaillierCiphertext *) &msg[1];
776 memcpy (&s->s,
777 &payload[0],
778 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
779 memcpy (&s->s_prime,
780 &payload[1],
781 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
782 payload = &payload[2];
783
784 s->r = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * s->used_element_count);
785 s->r_prime = GNUNET_malloc (sizeof (struct GNUNET_CRYPTO_PaillierCiphertext) * s->used_element_count);
786 for (i = 0; i < contained; i++)
787 {
788 memcpy (&s->r[i],
789 &payload[2 * i],
790 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
791 memcpy (&s->r_prime[i],
792 &payload[2 * i + 1],
793 sizeof (struct GNUNET_CRYPTO_PaillierCiphertext));
794 }
795 s->cadet_received_element_count = contained;
796 GNUNET_CADET_receive_done (s->channel); 537 GNUNET_CADET_receive_done (s->channel);
797 538 prod_g_i_b_i = GNUNET_CRYPTO_ecc_bin_to_point (edc,
798 if (s->cadet_received_element_count != s->used_element_count) 539 &msg->prod_g_i_b_i);
799 { 540 prod_h_i_b_i = GNUNET_CRYPTO_ecc_bin_to_point (edc,
800 /* More to come */ 541 &msg->prod_h_i_b_i);
801 return GNUNET_OK; 542 s->product = compute_scalar_product (s,
802 } 543 prod_g_i_b_i,
803 544 prod_h_i_b_i);
804 s->product = compute_scalar_product (s); 545 gcry_mpi_point_release (prod_g_i_b_i);
546 gcry_mpi_point_release (prod_h_i_b_i);
805 transmit_client_response (s); 547 transmit_client_response (s);
806 return GNUNET_OK; 548 return GNUNET_OK;
807} 549}
@@ -832,6 +574,8 @@ copy_element_cb (void *cls,
832 else 574 else
833 gcry_mpi_add_ui (mval, mval, val); 575 gcry_mpi_add_ui (mval, mval, val);
834 s->sorted_elements [s->used_element_count].value = mval; 576 s->sorted_elements [s->used_element_count].value = mval;
577 s->sorted_elements [s->used_element_count].r_i
578 = GNUNET_CRYPTO_ecc_random_mod_n (edc);
835 s->sorted_elements [s->used_element_count].key = &e->key; 579 s->sorted_elements [s->used_element_count].key = &e->key;
836 s->used_element_count++; 580 s->used_element_count++;
837 return GNUNET_OK; 581 return GNUNET_OK;
@@ -861,7 +605,7 @@ element_cmp (const void *a,
861 * Maximum number of elements we can put into a single cryptodata 605 * Maximum number of elements we can put into a single cryptodata
862 * message 606 * message
863 */ 607 */
864#define ELEMENT_CAPACITY ((GNUNET_CONSTANTS_MAX_CADET_MESSAGE_SIZE - 1 - sizeof (struct AliceCryptodataMessage)) / sizeof (struct GNUNET_CRYPTO_PaillierCiphertext)) 608#define ELEMENT_CAPACITY ((GNUNET_CONSTANTS_MAX_CADET_MESSAGE_SIZE - 1 - sizeof (struct EccAliceCryptodataMessage)) / sizeof (struct GNUNET_CRYPTO_EccPoint))
865 609
866 610
867/** 611/**
@@ -873,13 +617,16 @@ element_cmp (const void *a,
873static void 617static void
874send_alices_cryptodata_message (struct AliceServiceSession *s) 618send_alices_cryptodata_message (struct AliceServiceSession *s)
875{ 619{
876 struct AliceCryptodataMessage *msg; 620 struct EccAliceCryptodataMessage *msg;
877 struct GNUNET_MQ_Envelope *e; 621 struct GNUNET_MQ_Envelope *e;
878 struct GNUNET_CRYPTO_PaillierCiphertext *payload; 622 struct GNUNET_CRYPTO_EccPoint *payload;
623 gcry_mpi_point_t g_i;
624 gcry_mpi_point_t h_i;
625 gcry_mpi_t r_ia;
626 gcry_mpi_t r_ia_ai;
879 unsigned int i; 627 unsigned int i;
880 uint32_t todo_count; 628 unsigned int off;
881 gcry_mpi_t a; 629 unsigned int todo_count;
882 uint32_t off;
883 630
884 s->sorted_elements 631 s->sorted_elements
885 = GNUNET_malloc (GNUNET_CONTAINER_multihashmap_size (s->intersected_elements) * 632 = GNUNET_malloc (GNUNET_CONTAINER_multihashmap_size (s->intersected_elements) *
@@ -907,23 +654,37 @@ send_alices_cryptodata_message (struct AliceServiceSession *s)
907 (unsigned int) s->used_element_count); 654 (unsigned int) s->used_element_count);
908 655
909 e = GNUNET_MQ_msg_extra (msg, 656 e = GNUNET_MQ_msg_extra (msg,
910 todo_count * sizeof (struct GNUNET_CRYPTO_PaillierCiphertext), 657 todo_count * 2 * sizeof (struct GNUNET_CRYPTO_EccPoint),
911 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_ALICE_CRYPTODATA); 658 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_ECC_ALICE_CRYPTODATA);
912 msg->contained_element_count = htonl (todo_count); 659 msg->contained_element_count = htonl (todo_count);
913 payload = (struct GNUNET_CRYPTO_PaillierCiphertext *) &msg[1]; 660 payload = (struct GNUNET_CRYPTO_EccPoint *) &msg[1];
914 a = gcry_mpi_new (0); 661 r_ia = gcry_mpi_new (0);
662 r_ia_ai = gcry_mpi_new (0);
915 for (i = off; i < off + todo_count; i++) 663 for (i = off; i < off + todo_count; i++)
916 { 664 {
917 gcry_mpi_add (a, 665 g_i = GNUNET_CRYPTO_ecc_dexp_mpi (edc,
666 s->sorted_elements [i].r_i);
667 /* r_ia = r_i * a */
668 gcry_mpi_mul (s->sorted_elements[i].r_i,
669 my_privkey,
670 r_ia);
671 /* r_ia_ai = r_ia + a_i */
672 gcry_mpi_add (r_ia_ai,
918 s->sorted_elements[i].value, 673 s->sorted_elements[i].value,
919 my_offset); 674 r_ia);
920 GNUNET_assert (3 == 675 h_i = GNUNET_CRYPTO_ecc_dexp_mpi (edc,
921 GNUNET_CRYPTO_paillier_encrypt (&my_pubkey, 676 r_ia_ai);
922 a, 677 GNUNET_CRYPTO_ecc_point_to_bin (edc,
923 3, 678 g_i,
924 &payload[i - off])); 679 &payload[(i - off) * 2]);
680 GNUNET_CRYPTO_ecc_point_to_bin (edc,
681 h_i,
682 &payload[(i - off) * 2 + 1]);
683 gcry_mpi_point_release (g_i);
684 gcry_mpi_point_release (h_i);
925 } 685 }
926 gcry_mpi_release (a); 686 gcry_mpi_release (r_ia);
687 gcry_mpi_release (r_ia_ai);
927 off += todo_count; 688 off += todo_count;
928 GNUNET_MQ_send (s->cadet_mq, 689 GNUNET_MQ_send (s->cadet_mq,
929 e); 690 e);
@@ -1069,7 +830,7 @@ cb_intersection_request_alice (void *cls,
1069static void 830static void
1070client_request_complete_alice (struct AliceServiceSession *s) 831client_request_complete_alice (struct AliceServiceSession *s)
1071{ 832{
1072 struct ServiceRequestMessage *msg; 833 struct EccServiceRequestMessage *msg;
1073 struct GNUNET_MQ_Envelope *e; 834 struct GNUNET_MQ_Envelope *e;
1074 835
1075 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG, 836 GNUNET_log (GNUNET_ERROR_TYPE_DEBUG,
@@ -1079,7 +840,7 @@ client_request_complete_alice (struct AliceServiceSession *s)
1079 = GNUNET_CADET_channel_create (my_cadet, 840 = GNUNET_CADET_channel_create (my_cadet,
1080 s, 841 s,
1081 &s->peer, 842 &s->peer,
1082 GNUNET_APPLICATION_TYPE_SCALARPRODUCT, 843 GNUNET_APPLICATION_TYPE_SCALARPRODUCT_ECC,
1083 GNUNET_CADET_OPTION_RELIABLE); 844 GNUNET_CADET_OPTION_RELIABLE);
1084 if (NULL == s->channel) 845 if (NULL == s->channel)
1085 { 846 {
@@ -1104,9 +865,8 @@ client_request_complete_alice (struct AliceServiceSession *s)
1104 } 865 }
1105 866
1106 e = GNUNET_MQ_msg (msg, 867 e = GNUNET_MQ_msg (msg,
1107 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_SESSION_INITIALIZATION); 868 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_ECC_SESSION_INITIALIZATION);
1108 msg->session_id = s->session_id; 869 msg->session_id = s->session_id;
1109 msg->public_key = my_pubkey;
1110 GNUNET_MQ_send (s->cadet_mq, 870 GNUNET_MQ_send (s->cadet_mq,
1111 e); 871 e);
1112} 872}
@@ -1327,6 +1087,11 @@ shutdown_task (void *cls,
1327 GNUNET_CADET_disconnect (my_cadet); 1087 GNUNET_CADET_disconnect (my_cadet);
1328 my_cadet = NULL; 1088 my_cadet = NULL;
1329 } 1089 }
1090 if (NULL != edc)
1091 {
1092 GNUNET_CRYPTO_ecc_dlog_release (edc);
1093 edc = NULL;
1094 }
1330} 1095}
1331 1096
1332 1097
@@ -1375,10 +1140,7 @@ run (void *cls,
1375{ 1140{
1376 static const struct GNUNET_CADET_MessageHandler cadet_handlers[] = { 1141 static const struct GNUNET_CADET_MessageHandler cadet_handlers[] = {
1377 { &handle_bobs_cryptodata_message, 1142 { &handle_bobs_cryptodata_message,
1378 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_BOB_CRYPTODATA, 1143 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_ECC_BOB_CRYPTODATA,
1379 0},
1380 { &handle_bobs_cryptodata_multipart,
1381 GNUNET_MESSAGE_TYPE_SCALARPRODUCT_BOB_CRYPTODATA_MULTIPART,
1382 0}, 1144 0},
1383 { NULL, 0, 0} 1145 { NULL, 0, 0}
1384 }; 1146 };
@@ -1393,16 +1155,12 @@ run (void *cls,
1393 }; 1155 };
1394 1156
1395 cfg = c; 1157 cfg = c;
1396 /* 1158 edc = GNUNET_CRYPTO_ecc_dlog_prepare (MAX_RESULT /* max value */,
1397 offset has to be sufficiently small to allow computation of: 1159 1024 /* RAM */);
1398 m1+m2 mod n == (S + a) + (S + b) mod n, 1160 /* Select a random 'a' value for Alice */
1399 if we have more complex operations, this factor needs to be lowered */ 1161 GNUNET_CRYPTO_ecc_rnd_mpi (edc,
1400 my_offset = gcry_mpi_new (GNUNET_CRYPTO_PAILLIER_BITS / 3); 1162 &my_privkey,
1401 gcry_mpi_set_bit (my_offset, 1163 &my_privkey_inv);
1402 GNUNET_CRYPTO_PAILLIER_BITS / 3);
1403
1404 GNUNET_CRYPTO_paillier_create (&my_pubkey,
1405 &my_privkey);
1406 GNUNET_SERVER_add_handlers (server, 1164 GNUNET_SERVER_add_handlers (server,
1407 server_handlers); 1165 server_handlers);
1408 GNUNET_SERVER_disconnect_notify (server, 1166 GNUNET_SERVER_disconnect_notify (server,
@@ -1445,4 +1203,4 @@ main (int argc,
1445 &run, NULL)) ? 0 : 1; 1203 &run, NULL)) ? 0 : 1;
1446} 1204}
1447 1205
1448/* end of gnunet-service-scalarproduct_alice.c */ 1206/* end of gnunet-service-scalarproduct-ecc_alice.c */
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-28 13:35:29 +0000