This is an automated email from the ASF dual-hosted git repository. sandreoli pushed a commit to branch review-mike in repository https://gitbox.apache.org/repos/asf/incubator-milagro-MPC.git
commit ad151830d45d8ef39fcc8fc5d408f5e1d426543f Author: Samuele Andreoli <[email protected]> AuthorDate: Thu Apr 9 08:54:41 2020 +0100 use new naming convention for ff --- src/commitments.c | 11 ++++++----- src/factoring_zk.c | 6 +++--- src/mta.c | 32 ++++++++++++++++---------------- test/smoke/test_bc_setup_smoke.c | 4 ++-- test/unit/test_bc_internals.c | 2 +- 5 files changed, 28 insertions(+), 27 deletions(-)
diff --git a/src/commitments.c b/src/commitments.c
index 5539126..d908a44 100644
--- a/src/commitments.c
+++ b/src/commitments.c
@@ -118,7 +118,7 @@ static int is_safe_prime(BIG_1024_58 *p, BIG_1024_58 *P, csprng *RNG, int n)
 FF_2048_copy(Pm1, P, n);
 FF_2048_dec(Pm1, 1, n);
- FF_2048_pow(f, f, Pm1, P, n, n);
+ FF_2048_nt_pow(f, f, Pm1, P, n, n);
 FF_2048_dec(f, 1, n);
 if (FF_2048_iszilch(f, n))
 {
@@ -172,9 +172,10 @@ void bc_generator(csprng *RNG, BIG_1024_58* x, BIG_1024_58 *P, int n)
 do
 {
- FF_2048_power(x, r, 2, P, n);
+ FF_2048_nt_pow_int(x, r, 2, P, n);
 FF_2048_inc(r, 1, n);
- } while (FF_2048_isunity(x, n));
+ }
+ while (FF_2048_isunity(x, n));
 }
 void COMMITMENTS_BC_setup(csprng *RNG, COMMITMENTS_BC_priv_modulus *m, octet *P, octet *Q, octet *B0, octet *ALPHA)
@@ -261,8 +262,8 @@ void COMMITMENTS_BC_setup(csprng *RNG, COMMITMENTS_BC_priv_modulus *m, octet *P,
 FF_2048_dmod(ap, m->alpha, p, HFLEN_2048);
 FF_2048_dmod(aq, m->alpha, q, HFLEN_2048);
- FF_2048_skpow(gp, gp, ap, m->P, HFLEN_2048, HFLEN_2048);
- FF_2048_skpow(gq, gq, aq, m->Q, HFLEN_2048, HFLEN_2048);
+ FF_2048_ct_pow(gp, gp, ap, m->P, HFLEN_2048, HFLEN_2048);
+ FF_2048_ct_pow(gq, gq, aq, m->Q, HFLEN_2048, HFLEN_2048);
 FF_2048_crt(m->b1, gp, gq, m->P, m->invPQ, m->N, HFLEN_2048);
diff --git a/src/factoring_zk.c b/src/factoring_zk.c
index 10b10e2..2e8ad99 100644
--- a/src/factoring_zk.c
+++ b/src/factoring_zk.c
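Review bot: In is_safe_prime the call is now explicitly `FF_2048_nt_pow(f, f, Pm1, P, n, n)`, with exponent Pm1 = P - 1 taken from the prime candidate, and the later COMMITMENTS_BC_setup hunk shows these primes end up in the private modulus (`m->P`, `m->Q`). If `nt_` denotes a non-constant-time variant, as the `ct_`/`nt_` split suggests, the exponentiation's timing depends on bits of a value that becomes secret once the candidate is accepted. The commit only renames, so this is pre-existing, but the new name makes the property visible and it should be either addressed or justified, e.g. `// nt_pow: timing varies with P-1; acceptable only if per-candidate timing is not observable`. is_safe_prime's body starts and ends outside the hunk.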
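Review bot: The bc_generator hunk also reflows `} while (FF_2048_isunity(x, n));` onto two lines, which is a formatting change unrelated to the rename announced in the commit message. It is harmless, but it means this commit can no longer be checked as a pure mechanical rename; mention it in the message or move it to a separate formatting commit. bc_generator's body starts outside the hunk.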
@@ -170,11 +170,11 @@ void FACTORING_ZK_prove(csprng *RNG, octet *P, octet *Q, octet *R, octet *E, oct
 // Compute Z_i ^ r mod P
 FF_2048_dmod(hws, ws, p, HFLEN_2048);
- FF_2048_skpow(zrp, hws, rp, p, HFLEN_2048, HFLEN_2048);
+ FF_2048_ct_pow(zrp, hws, rp, p, HFLEN_2048, HFLEN_2048);
 // Compute Z_i ^ r mod Q
 FF_2048_dmod(hws, ws, q, HFLEN_2048);
- FF_2048_skpow(zrq, hws, rq, q, HFLEN_2048, HFLEN_2048);
+ FF_2048_ct_pow(zrq, hws, rq, q, HFLEN_2048, HFLEN_2048);
 // Combine Z_i ^ r mod N with CRT
 FF_2048_crt(ws, zrp, zrq, p, invpq, n, HFLEN_2048);
@@ -282,7 +282,7 @@ int FACTORING_ZK_verify(octet *N, octet *E, octet *Y)
 hash_oct(&sha_prime, &W);
 // Compute Z_i ^ r mod N and process it in H
- FF_2048_skpow(ws, ws, exp, n, FFLEN_2048, 2 * FFLEN_2048);
+ FF_2048_ct_pow(ws, ws, exp, n, FFLEN_2048, 2 * FFLEN_2048);
 FF_2048_invmodp(ws, ws, n, FFLEN_2048);
 FF_2048_toOctet(&W, ws, FFLEN_2048);
diff --git a/src/mta.c b/src/mta.c
index 7e3c74e..a1bf84c 100644
--- a/src/mta.c
+++ b/src/mta.c
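Review bot: In the FACTORING_ZK_verify hunk (line 282) the exponentiation stays constant-time (`FF_2048_ct_pow(ws, ws, exp, n, FFLEN_2048, 2 * FFLEN_2048)`) although the verifier's inputs N, E and Y are all public, so under the new convention the `nt_` variant would be the natural choice and is presumably cheaper. Keeping `ct_` is not wrong, but it reads as if there is a secret here; add a comment saying it is deliberate, e.g. `// ct_pow kept although all operands are public`, or switch to `FF_2048_nt_pow` with the same arguments. The prover hunk (line 170) correctly uses `ct_pow` for the secret exponents rp and rq. Both function bodies extend beyond their hunks.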
@@ -378,23 +378,23 @@ void MTA_RP_commit(csprng *RNG, PAILLIER_private_key *key, COMMITMENTS_BC_pub_mo
 FF_2048_fromOctet(dws1, &OCT, HFLEN_2048);
 // Compute z and w
- FF_2048_skpow2(c->z, mod->b0, dws1, mod->b1, rv->rho, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
+ FF_2048_ct_pow_2(c->z, mod->b0, dws1, mod->b1, rv->rho, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
 FF_2048_copy(dws1, rv->alpha, HFLEN_2048);
- FF_2048_skpow2(c->w, mod->b0, dws1, mod->b1, rv->gamma, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
+ FF_2048_ct_pow_2(c->w, mod->b0, dws1, mod->b1, rv->gamma, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
 // Compute u using CRT
 FF_2048_zero(dws2, 2 * FFLEN_2048);
 FF_2048_amul(dws2, rv->alpha, HFLEN_2048, n, FFLEN_2048);
- FF_2048_skpow(ws1, rv->beta, n, key->p2, FFLEN_2048, FFLEN_2048);
+ FF_2048_ct_pow(ws1, rv->beta, n, key->p2, FFLEN_2048, FFLEN_2048);
 FF_2048_dmod(ws3, dws2, key->p2, FFLEN_2048);
 FF_2048_inc(ws3, 1, FFLEN_2048);
 FF_2048_norm(ws3, FFLEN_2048);
 FF_2048_mul(dws1, ws1, ws3, FFLEN_2048);
 FF_2048_dmod(ws1, dws1, key->p2, FFLEN_2048);
- FF_2048_skpow(ws2, rv->beta, n, key->q2, FFLEN_2048, FFLEN_2048);
+ FF_2048_ct_pow(ws2, rv->beta, n, key->q2, FFLEN_2048, FFLEN_2048);
 FF_2048_dmod(ws3, dws2, key->q2, FFLEN_2048);
 FF_2048_inc(ws3, 1, FFLEN_2048);
 FF_2048_norm(ws3, FFLEN_2048);
@@ -491,13 +491,13 @@ void MTA_RP_prove(PAILLIER_private_key *key, MTA_RP_commitment_rv *rv, octet *M,
 // Compute s = beta * r^e mod N using CRT
 FF_2048_amod(hws, r, 2*FFLEN_2048, key->p, HFLEN_2048);
 FF_2048_dmod(sp, rv->beta, key->p, HFLEN_2048);
- FF_2048_pow(hws, hws, e, key->p, HFLEN_2048, HFLEN_2048);
+ FF_2048_nt_pow(hws, hws, e, key->p, HFLEN_2048, HFLEN_2048);
 FF_2048_mul(ws1, sp, hws, HFLEN_2048);
 FF_2048_dmod(sp, ws1, key->p, HFLEN_2048);
 FF_2048_amod(hws, r, 2*FFLEN_2048, key->q, HFLEN_2048);
 FF_2048_dmod(sq, rv->beta, key->q, HFLEN_2048);
- FF_2048_pow(hws, hws, e, key->q, HFLEN_2048, HFLEN_2048);
+ FF_2048_nt_pow(hws, hws, e, key->q, HFLEN_2048, HFLEN_2048);
 FF_2048_mul(ws1, sq, hws, HFLEN_2048);
 FF_2048_dmod(sq, ws1, key->q, HFLEN_2048);
@@ -565,7 +565,7 @@ void MTA_triple_power(BIG_1024_58 *proof, BIG_1024_58 *h1, BIG_1024_58 *h2, BIG_
 FF_2048_dmod(hws2, h2, p, HFLEN_2048);
 FF_2048_dmod(proof, z, p, HFLEN_2048);
- FF_2048_skpow3(proof, hws1, hws3, hws2, hws4, proof, eneg, p, HFLEN_2048, HFLEN_2048);
+ FF_2048_ct_pow_3(proof, hws1, hws3, hws2, hws4, proof, eneg, p, HFLEN_2048, HFLEN_2048);
 // Clean memory
 FF_2048_zero(hws1, HFLEN_2048);
@@ -650,7 +650,7 @@ int MTA_RP_verify(PAILLIER_public_key *key, COMMITMENTS_BC_priv_modulus *mod, oc
 FF_4096_mul(ws2_4096, key->n, s1, HFLEN_4096);
 FF_4096_inc(ws2_4096, 1, FFLEN_4096);
 FF_4096_norm(ws2_4096, FFLEN_4096);
- FF_4096_pow2(ws1_4096, p->s, key->n, ws1_4096, e_4096, key->n2, FFLEN_4096, HFLEN_4096);
+ FF_4096_nt_pow_2(ws1_4096, p->s, key->n, ws1_4096, e_4096, key->n2, FFLEN_4096, HFLEN_4096);
 FF_4096_mul(dws_4096, ws1_4096, ws2_4096, FFLEN_4096);
 FF_4096_dmod(ws1_4096, dws_4096, key->n2, FFLEN_4096);
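Review bot: In the MTA_RP_prove hunk (line 491) the two `FF_2048_nt_pow(hws, hws, e, key->p, …)` / `key->q` calls run a non-constant-time exponentiation with a base reduced from r (which appears to be the prover's secret randomness) modulo the private primes, relying on the public challenge e being the only exponent. That is sound only if the `nt_` implementation's timing varies with the exponent alone and not with the base or the modulus; that property is not visible here and should be confirmed against the FF implementation. A comment recording the assumption would help future readers, e.g. `// nt_pow: e is public; base and modulus must not influence timing`. MTA_RP_prove's body continues outside the hunk.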
@@ -775,21 +775,21 @@ void MTA_ZK_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_pub_mod
 OCT_pad(&OCT, HFS_2048);
 FF_2048_zero(tws, FFLEN_2048 + HFLEN_2048);
 FF_2048_fromOctet(tws, &OCT, HFLEN_2048);
- FF_2048_skpow2(c->z, mod->b0, tws, mod->b1, rv->rho, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
+ FF_2048_ct_pow_2(c->z, mod->b0, tws, mod->b1, rv->rho, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
 // Compute t = h1^y * h2^sigma mod Nt
 OCT_copy(&OCT, Y);
 OCT_pad(&OCT, HFS_2048);
 FF_2048_fromOctet(tws, &OCT, HFLEN_2048);
- FF_2048_skpow2(c->t, mod->b0, tws, mod->b1, rv->sigma, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
+ FF_2048_ct_pow_2(c->t, mod->b0, tws, mod->b1, rv->sigma, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
 // Compute z1 = h1^alpha * h2^rho1 mod Nt and
 FF_2048_copy(tws, rv->alpha, HFLEN_2048);
- FF_2048_skpow2(c->z1, mod->b0, tws, mod->b1, rv->rho1, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
+ FF_2048_ct_pow_2(c->z1, mod->b0, tws, mod->b1, rv->rho1, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
 // Compute w = h1^gamma * h2^tau mod Nt
 FF_2048_copy(tws, rv->gamma, FFLEN_2048);
- FF_2048_skpow2(c->w, mod->b0, tws, mod->b1, rv->tau, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
+ FF_2048_ct_pow_2(c->w, mod->b0, tws, mod->b1, rv->tau, mod->N, FFLEN_2048, FFLEN_2048 + HFLEN_2048);
 // Compute v = c1^alpha * g^gamma * beta^N mod n2
 FF_4096_fromOctet(ws2, C1, FFLEN_4096);
@@ -801,7 +801,7 @@ void MTA_ZK_commit(csprng *RNG, PAILLIER_public_key *key, COMMITMENTS_BC_pub_mod
 FF_4096_mul(ws1, key->n, gamma, HFLEN_4096);
 FF_4096_inc(ws1, 1, FFLEN_4096);
 FF_4096_norm(ws1, FFLEN_4096);
- FF_4096_skpow2(ws2, ws2, alpha, beta, key->n, key->n2, FFLEN_4096, HFLEN_4096);
+ FF_4096_ct_pow_2(ws2, ws2, alpha, beta, key->n, key->n2, FFLEN_4096, HFLEN_4096);
 FF_4096_mul(dws, ws1, ws2, FFLEN_4096);
 FF_4096_dmod(ws1, dws, key->n2, FFLEN_4096);
@@ -870,7 +870,7 @@ void MTA_ZK_prove(PAILLIER_public_key *key, MTA_ZK_commitment_rv *rv, octet *X,
 FF_2048_fromOctet(n, &OCT, FFLEN_2048);
 FF_2048_dmod(ws, dws, n, FFLEN_2048);
- FF_2048_pow(ws, ws, e, n, FFLEN_2048, HFLEN_2048);
+ FF_2048_nt_pow(ws, ws, e, n, FFLEN_2048, HFLEN_2048);
 FF_2048_mul(dws, rv->beta, ws, FFLEN_2048);
 FF_2048_dmod(p->s, dws, n, FFLEN_2048);
@@ -1012,7 +1012,7 @@ int MTA_ZK_verify(PAILLIER_private_key *key, COMMITMENTS_BC_priv_modulus *mod, o
 FF_2048_dmod(ws1, c1, key->p2, FFLEN_2048);
 FF_2048_dmod(ws2, c2, key->p2, FFLEN_2048);
- FF_2048_pow3(p_proof, ws1, p->s1, p->s, n, ws2, ws3, key->p2, FFLEN_2048, FFLEN_2048);
+ FF_2048_ct_pow_3(p_proof, ws1, p->s1, p->s, n, ws2, ws3, key->p2, FFLEN_2048, FFLEN_2048);
 FF_2048_mul(dws, n, p->t1, FFLEN_2048);
 FF_2048_dmod(ws1, dws, key->p2, FFLEN_2048);
@@ -1033,7 +1033,7 @@ int MTA_ZK_verify(PAILLIER_private_key *key, COMMITMENTS_BC_priv_modulus *mod, o
 FF_2048_dmod(ws1, c1, key->q2, FFLEN_2048);
 FF_2048_dmod(ws2, c2, key->q2, FFLEN_2048);
- FF_2048_pow3(q_proof, ws1, p->s1, p->s, n, ws2, ws3, key->q2, FFLEN_2048, FFLEN_2048);
+ FF_2048_ct_pow_3(q_proof, ws1, p->s1, p->s, n, ws2, ws3, key->q2, FFLEN_2048, FFLEN_2048);
 FF_2048_mul(dws, n, p->t1, FFLEN_2048);
 FF_2048_dmod(ws1, dws, key->q2, FFLEN_2048);
diff --git a/test/smoke/test_bc_setup_smoke.c b/test/smoke/test_bc_setup_smoke.c
index 4fe3130..52f965b 100644
--- a/test/smoke/test_bc_setup_smoke.c
+++ b/test/smoke/test_bc_setup_smoke.c
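Review bot: The two MTA_ZK_verify hunks (lines 1012 and 1033) replace `FF_2048_pow3` with `FF_2048_ct_pow_3`, while every other plain `pow` call in this commit maps to an `nt_` variant, so this is not a pure rename. It may be a deliberate hardening, since the moduli key->p2 and key->q2 come from the verifier's private key and the exponents p->s1, p->s and n are public proof values, or a slip if a non-constant-time triple-power variant exists under the new convention. The commit message "use new naming convention for ff" does not cover a change from variable-time to constant-time exponentiation; please state which it is, either in the message or with a comment such as `// ct_pow_3: moduli are private, exponents are public`. Both MTA_ZK_verify hunks are cut from a body that continues outside them.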
@@ -58,14 +58,14 @@ int main()
 COMMITMENTS_BC_setup(&RNG, &m, &P, &Q, NULL, NULL);
 // Check that b0, b1, alpha, ialpha are of the correct form
- FF_2048_pow(e, m.b0, m.alpha, m.N, FFLEN_2048, FFLEN_2048);
+ FF_2048_nt_pow(e, m.b0, m.alpha, m.N, FFLEN_2048, FFLEN_2048);
 if (FF_2048_comp(e, m.b1, FFLEN_2048) != 0)
 {
 printf("FAILURE COMMITMENTS_BC_setup. b1 != b0^alpha");
 exit(EXIT_FAILURE);
 }
- FF_2048_pow(e, m.b1, m.ialpha, m.N, FFLEN_2048, FFLEN_2048);
+ FF_2048_nt_pow(e, m.b1, m.ialpha, m.N, FFLEN_2048, FFLEN_2048);
 if (FF_2048_comp(e, m.b0, FFLEN_2048) != 0)
 {
 printf("FAILURE COMMITMENTS_BC_setup. b0 != b1^ialpha");
diff --git a/test/unit/test_bc_internals.c b/test/unit/test_bc_internals.c
index 01dba30..5663b81 100644
--- a/test/unit/test_bc_internals.c
+++ b/test/unit/test_bc_internals.c
@@ -50,7 +50,7 @@ int main()
 /* Test utility to find generators of G_p as subgroup of Z/PZ */
 bc_generator(&RNG, x, P, HFLEN_2048);
 assert(NULL, "bc_generator - returned unity", !FF_2048_isunity(x, HFLEN_2048));
- FF_2048_pow(x, x, p, P, HFLEN_2048, HFLEN_2048);
+ FF_2048_nt_pow(x, x, p, P, HFLEN_2048, HFLEN_2048);
 assert(NULL, "bc_generator - order is not P", FF_2048_isunity(x, HFLEN_2048));
 /* Test safe prime primality test */
