diff options
| author | Markus Teich <markus.teich@stusta.mhn.de> | 2016-08-02 16:55:00 +0200 |
|---|---|---|
| committer | Markus Teich <markus.teich@stusta.mhn.de> | 2016-08-02 16:55:00 +0200 |
| commit | 017a90a88cf17a680f82aa99e733785709c05613 (patch) | |
| tree | 357fd7a59ff3b5e2f2f05213c3950a65d71b43fc /crypto.c | |
| parent | 6a4fa07b284cca7417dd7fa9493f053a5cf9245f (diff) | |
| download | libbrandt-017a90a88cf17a680f82aa99e733785709c05613.tar.gz libbrandt-017a90a88cf17a680f82aa99e733785709c05613.zip | |
finish/fix public first price auctions
Diffstat (limited to 'crypto.c')
| -rw-r--r-- | crypto.c | 27 |
1 files changed, 20 insertions, 7 deletions
| @@ -407,7 +407,9 @@ smc_free1 (gcry_mpi_point_t *dst, uint16_t size1) | |||
| 407 | 407 | ||
| 408 | 408 | ||
| 409 | /** | 409 | /** |
| 410 | * smc_init1 creates a 1 dimensional array of curve points | 410 | * smc_init1 creates a 1 dimensional array of curve points. Make sure to |
| 411 | * initialize the values before using them, they are not automatically set to | ||
| 412 | * the zero point! | ||
| 411 | * | 413 | * |
| 412 | * @param[in] size1 size of the first dimension | 414 | * @param[in] size1 size of the first dimension |
| 413 | * @return a pointer to the array or NULL on error. | 415 | * @return a pointer to the array or NULL on error. |
| @@ -460,7 +462,9 @@ smc_free2 (gcry_mpi_point_t **dst, uint16_t size1, uint16_t size2) | |||
| 460 | 462 | ||
| 461 | 463 | ||
| 462 | /** | 464 | /** |
| 463 | * smc_init2 creates a 2 dimensional array of curve points | 465 | * smc_init2 creates a 2 dimensional array of curve points. Make sure to |
| 466 | * initialize the values before using them, they are not automatically set to | ||
| 467 | * the zero point! | ||
| 464 | * | 468 | * |
| 465 | * @param[in] size1 size of the first dimension | 469 | * @param[in] size1 size of the first dimension |
| 466 | * @param[in] size2 size of the second dimension | 470 | * @param[in] size2 size of the second dimension |
| @@ -525,7 +529,9 @@ smc_free3 (gcry_mpi_point_t ***dst, | |||
| 525 | 529 | ||
| 526 | 530 | ||
| 527 | /** | 531 | /** |
| 528 | * smc_init3 creates a 3 dimensional array of curve points | 532 | * smc_init3 creates a 3 dimensional array of curve points. Make sure to |
| 533 | * initialize the values before using them, they are not automatically set to | ||
| 534 | * the zero point! | ||
| 529 | * | 535 | * |
| 530 | * @param[in] size1 size of the first dimension | 536 | * @param[in] size1 size of the first dimension |
| 531 | * @param[in] size2 size of the second dimension | 537 | * @param[in] size2 size of the second dimension |
| @@ -884,8 +890,15 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) | |||
| 884 | brandt_assert (!ec_point_cmp (ec_zero, tlta1[ad->k - 1])); | 890 | brandt_assert (!ec_point_cmp (ec_zero, tlta1[ad->k - 1])); |
| 885 | brandt_assert (!ec_point_cmp (ec_zero, tltb1[ad->k - 1])); | 891 | brandt_assert (!ec_point_cmp (ec_zero, tltb1[ad->k - 1])); |
| 886 | 892 | ||
| 887 | /* temporarily store the \sum_{i=1}^n2^{i-1}b_i in tmp1, since it is needed | 893 | /* initialize tmp array with zeroes, since we are calculating a sum */ |
| 888 | * each time a gamma,delta pair is received from another bidder */ | 894 | for (uint16_t j = 0; j < ad->k; j++) |
| 895 | { | ||
| 896 | ec_point_copy (ad->tmpa1[j], ec_zero); | ||
| 897 | ec_point_copy (ad->tmpb1[j], ec_zero); | ||
| 898 | } | ||
| 899 | /* store the \sum_{i=1}^n2^{i-1}b_i in tmp1 until outcome determination, | ||
| 900 | * since it is needed each time a gamma,delta pair is received from another | ||
| 901 | * bidder */ | ||
| 889 | for (uint16_t i = 0; i < ad->n; i++) | 902 | for (uint16_t i = 0; i < ad->n; i++) |
| 890 | { | 903 | { |
| 891 | for (uint16_t j = 0; j < ad->k; j++) | 904 | for (uint16_t j = 0; j < ad->k; j++) |
| @@ -895,7 +908,7 @@ fp_pub_compute_outcome (struct BRANDT_Auction *ad, size_t *buflen) | |||
| 895 | gcry_mpi_ec_mul (tmp, coeff, ad->beta[i][j], ec_ctx); | 908 | gcry_mpi_ec_mul (tmp, coeff, ad->beta[i][j], ec_ctx); |
| 896 | gcry_mpi_ec_add (ad->tmpb1[j], ad->tmpb1[j], tmp, ec_ctx); | 909 | gcry_mpi_ec_add (ad->tmpb1[j], ad->tmpb1[j], tmp, ec_ctx); |
| 897 | } | 910 | } |
| 898 | gcry_mpi_mul_ui (coeff, coeff, 2); | 911 | gcry_mpi_lshift (coeff, coeff, 1); |
| 899 | } | 912 | } |
| 900 | 913 | ||
| 901 | for (uint16_t j = 0; j < ad->k; j++) | 914 | for (uint16_t j = 0; j < ad->k; j++) |
| @@ -1033,7 +1046,7 @@ fp_pub_decrypt_outcome (struct BRANDT_Auction *ad, size_t *buflen) | |||
| 1033 | phi = (struct ec_mpi *)cur; | 1046 | phi = (struct ec_mpi *)cur; |
| 1034 | proof2 = (struct proof_2dle *)(cur + sizeof (*phi)); | 1047 | proof2 = (struct proof_2dle *)(cur + sizeof (*phi)); |
| 1035 | 1048 | ||
| 1036 | smc_sum (tmp, &ad->delta2[0][j], ad->n, ad->n * ad->k); | 1049 | smc_sum (tmp, &ad->delta2[0][j], ad->n, ad->k); |
| 1037 | 1050 | ||
| 1038 | /* copy still encrypted outcome to all other bidder layers so they | 1051 | /* copy still encrypted outcome to all other bidder layers so they |
| 1039 | * don't have to be recomputed to check the ZK proof_2dle's from | 1052 | * don't have to be recomputed to check the ZK proof_2dle's from |