DecryptionZKP

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

paillierp.zkp
Class DecryptionZKP

java.lang.Object
  paillierp.zkp.ZKP
      paillierp.zkp.DecryptionZKP

All Implemented Interfaces:: java.io.Serializable

public class DecryptionZKP
extends ZKP
extends ZKP

A non-interactive Zero Knowledge Proof that some partial decryption was done. (Note that this is only for the threshold version of the scheme.) This is essentially a protocol for the equality of discrete logs, i.e. given u, u', v, v', prove that log_u(u') = log_v(v'). This Zero Knowledge Proof will correctly validate whether the ciphertext c was indeed raised to the 2Δs_i power by comparing it with the public verification v_i. This checks that log_c⁴(c_i²) = log_v(v_i). Recall that v_i = v^Δs_i.

The protocol is given on pp. 16-17 in Generalization of Paillier's Public-Key System with Applications to Electronic Voting by Damgård et al.

Author:: Murat Kantarcioglu, Sean Hall, James Garrity
See Also:: PaillierThreshold, Serialized Form

Field Summary
`protected java.math.BigInteger`	`c` The original ciphertext.
`protected java.math.BigInteger`	`c4` The ciphtertext to the fourth power.
`protected PartialDecryption`	`ci` This share's decryption of `c`.
`protected java.math.BigInteger`	`ci2` The share's decryption of `c`, but squared, for the protocol.
`protected java.math.BigInteger`	`e` The hash of the correctness.
`protected java.math.BigInteger`	`nSPlusOne` The public key value.
`private static long`	`serialVersionUID` This Serial ID
`protected java.math.BigInteger`	`v` The overall verification number.
`protected java.math.BigInteger`	`vi` The share's verification number.
`protected java.math.BigInteger`	`z` The value necessary to check the correctness of this decryption.

Fields inherited from class paillierp.zkp.ZKP
`hashFunction`

Constructor Summary
`DecryptionZKP(byte[] b)` Creates an instance of the Zero Knowledge Proof of decryption from a byte array which does have the key encoded.
`DecryptionZKP(byte[] b, java.math.BigInteger nSPlusOne, java.math.BigInteger v, java.math.BigInteger vi)` Creates an instance of the Zero Knowledge Proof from a byte array (which does not have the key) and the values necessary for verification.
`DecryptionZKP(byte[] b, PaillierThresholdKey pubkey)` Creates an instance of the Zero Knowledge Proof from a byte array (which does not have the key) and a public key.
`DecryptionZKP(PaillierPrivateThresholdKey deckey, java.math.BigInteger c)` Creates an instance of the Zero Knoweledge Proof and partial decryption.

Method Summary
`java.math.BigInteger`	`getC()` Returns the original ciphertext.
`int`	`getID()` Returns the ID of the key used to make this partial decryption.
`PartialDecryption`	`getPartialDecryption()`
`java.math.BigInteger`	`getValue()` The partial decryption intended to be delivered.
`byte[]`	`toByteArray()` Encodes this ZKP into a byte array.
`byte[]`	`toByteArrayNoKey()` Encodes this ZKP into a byte array.
`boolean`	`verify()` Evaluates the truth of this partial decryption.
`boolean`	`verify(java.math.BigInteger origc)` Evaluates the truth of this partial decryption as a partial decryption of `origc`.
`boolean`	`verifyKey(PaillierThresholdKey origkey)` Verifies that the values used in this Zero Knowledge Proof corresponds to the given key.

Methods inherited from class paillierp.zkp.ZKP
`hash`

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Field Detail

serialVersionUID

private static final long serialVersionUID

This Serial ID

See Also:: Constant Field Values

e

protected java.math.BigInteger e

The hash of the correctness.

z

protected java.math.BigInteger z

The value necessary to check the correctness of this decryption.

c

protected java.math.BigInteger c

The original ciphertext.

c4

protected java.math.BigInteger c4

The ciphtertext to the fourth power.

ci

protected PartialDecryption ci

This share's decryption of c. That is, ci = c^2Δs_i.

ci2

protected java.math.BigInteger ci2

The share's decryption of c, but squared, for the protocol.

nSPlusOne

protected java.math.BigInteger nSPlusOne

The public key value. Needed for verifying values.

v

protected java.math.BigInteger v

The overall verification number. Needed for verifying values.

vi

protected java.math.BigInteger vi

The share's verification number. Needed for verifying values.

Constructor Detail

DecryptionZKP

public DecryptionZKP(byte[] b)

Creates an instance of the Zero Knowledge Proof of decryption from a byte array which does have the key encoded.

Parameters:: b - byte array of the necessary values for a ZKP
Throws:: java.lang.IllegalArgumentException - if it detects that some corruption has occured, for example, if the "size of next BigInteger" field is a larger number than typical causing out of bounds issues.
See Also:: toByteArray()

DecryptionZKP

public DecryptionZKP(byte[] b,
                     java.math.BigInteger nSPlusOne,
                     java.math.BigInteger v,
                     java.math.BigInteger vi)

Creates an instance of the Zero Knowledge Proof from a byte array (which does not have the key) and the values necessary for verification.

Parameters:: b - byte array of the necessary values for a ZKP; nSPlusOne - the public key modulus n^s+1; v - the public key verifier for partial decryptions; vi - the public key verifier for partial decryptions from this particular server
See Also:: toByteArrayNoKey()

DecryptionZKP

public DecryptionZKP(byte[] b,
                     PaillierThresholdKey pubkey)

Creates an instance of the Zero Knowledge Proof from a byte array (which does not have the key) and a public key.

Parameters:: b - byte array of the necessary values for a ZKP; pubkey - public Paillier key to provide further recurring values for a ZKP
See Also:: toByteArrayNoKey()

DecryptionZKP

public DecryptionZKP(PaillierPrivateThresholdKey deckey,
                     java.math.BigInteger c)

Creates an instance of the Zero Knoweledge Proof and partial decryption. By creating a hash of values including the partial decryption, this sets up the variables for a recomputation of the hash to verify the truth that c_i is indeed c partially decrypted.

Parameters:: deckey - Private key used to generate a partial decryption; c - Ciphertext to be decrypted

Method Detail

verify

public boolean verify()

Evaluates the truth of this partial decryption. By recomputing the hash, it checks to see that indeed c_i was computed correctly.

Specified by:: verify in class ZKP

Returns:: The truth of the computation of c_i

verify

public boolean verify(java.math.BigInteger origc)

Evaluates the truth of this partial decryption as a partial decryption of origc. By recomputing the hash, it checks to see that indeed c_i was computed correctly from origc.

Parameters:: origc - Original Ciphertext.
Returns:: The truth of the computation of c_i as coming from origc.

verifyKey

public boolean verifyKey(PaillierThresholdKey origkey)

Verifies that the values used in this Zero Knowledge Proof corresponds to the given key.

Parameters:: origkey - Original key
Returns:: The truth of the computation of c_i as being encrypted by origkey

getC

public java.math.BigInteger getC()

Returns the original ciphertext.

Returns:: The ciphertext of which this is a partial decryption

getID

public int getID()

Returns the ID of the key used to make this partial decryption.

Returns:: The ID of the decryption server generating this partial decryption

getValue

public java.math.BigInteger getValue()

The partial decryption intended to be delivered.

Specified by:: getValue in class ZKP

Returns:: A partial decryption c_i
See Also:: PaillierThreshold.decrypt(BigInteger)

getPartialDecryption

public PartialDecryption getPartialDecryption()

toByteArray

public byte[] toByteArray()

Encodes this ZKP into a byte array. All of the necessary values (including the public key values) needed to verify the veracity of this partial decryption are encoded. Before each BigInteger (except n) is the 4-byte equivalent to the size of the BigInteger for later parsing.

Specified by:: toByteArray in class ZKP

Returns:: a byte array containing the most necessary values of this ZKP. A byte array of size 0 is returned if the byte array would be too large.
See Also:: DecryptionZKP(byte[]), BigInteger.toByteArray()

toByteArrayNoKey

public byte[] toByteArrayNoKey()

Encodes this ZKP into a byte array. All of the necessary values (besides the public key values) needed to verify the veracity of this partial decryption are encoded. Before each BigInteger (except n) is the 4-byte equivalent to the size of the BigInteger for later parsing.

Specified by:: toByteArrayNoKey in class ZKP

Returns:: a byte array containing the most necessary values of this ZKP. A byte array of size 0 is returned if the byte array would be too large.
See Also:: DecryptionZKP(byte[], PaillierThresholdKey), BigInteger.toByteArray()

Overview

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

paillierp.zkp Class DecryptionZKP

serialVersionUID

e

z

c

c4

ci

ci2

nSPlusOne

v

vi

DecryptionZKP

DecryptionZKP

DecryptionZKP

DecryptionZKP

verify

verify

verifyKey

getC

getID

getValue

getPartialDecryption

toByteArray

toByteArrayNoKey

paillierp.zkp
Class DecryptionZKP